Hi Mikael,

I don't mean to beat on you too much for the offering up of useful
knowledge, but I must pick a bone or two with you... ;-)

On Mon, 21 Jun 1999, Mikael Olsson wrote:

> This is heavily geared towards NT, seeing that

I don't think it should make much difference.  In my view, the same basic
security principles apply regardless of OS.  Of course, the practical
solutions may differ... ;-)

> it's the operating system of choice for new people,

Do you really think so?

> 1. Hide as much information as possible
> (in this context, as few publicly accessible IPs
> as possible)

"Security through obscurity is no security."

> If you have the ability to disguise your web server's
> address through means of static address translation,
> do so. See rule #1.

See rule #1.  ;-)

Rather, I think you should be looking at running a good, secure web
server.  Fix the problem, not the symptoms.

Other than that, I pretty much agree - especially the stuff about
selecting which machines go in the "DMZ".

Best regards,

Adrian Close                                    email:  [EMAIL PROTECTED]
Network Engineer                                phone:  +61 3 8341 2400
Australian Business Access Pty Ltd              fax:    +61 3 8341 2499
P.O. Box 302, Carlton, VIC, 3053, Australia     web:    http://www.aba.net.au

-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
