Re: mitigating the lack of a firewall

From: Ryan Russell (ryanat_private)
Date: Tue Feb 15 2000 - 07:28:02 PST


    On Sat, 12 Feb 2000, Bruce H. Nearon wrote:
    
    > Suppose an Internet site does not have a firewall.  Can a securely
    > configured IIS 4.0 server running under securely configured NT 4.0
    > protect the site from unauthorized access and denial of service attacks?
    > 
    
    What do you mean "site"?
    
    If you're talking about a bunch of machines, certainly not.  Not without
    making the NT machine something that constitutes a firewall.
    
    Assuming you're talking about a web "site", then yes, depending on your
    requirements.  If the web server software is as locked down as it can be,
    then a firewall doesn't matter.  I know of no firewall that can stop new
    unknown attacks against web servers, if you're allowing web access.
    
    The "depends" part has to do with how you administer the server.  If
    you're willing to walk media up to the console of the NT box to update
    content, then you can rip out the workstation and server services, and
    feel pretty good.  If you're going to try to use MS filesharing, RPC,
    DB access, etc...  then, IMNSHO, you better have a firewall.
    
    					Ryan
    
