> -----Original Message-----
> From: Fabio Rocha [mailto:[EMAIL PROTECTED]]
> Sent: Tuesday, 14 September 1999 10:52 PM
> To: Ben Nagy
> Cc: [EMAIL PROTECTED]; [EMAIL PROTECTED]
> Subject: Re: Security policy design issues (long)
>
> >DISCLAIMER: I am not a WWW / CGI expert. I actually know
> squat about it.
>
> Ok, I am not either.
Grrrreat. The blind leading the blind. ;)
[my waffle snipped]
> >WWW server in DMZ can be a pain in the butt to administer
> and ranges from
> >tricky to damn near impossible to get talking to the
> database securely.
> >Remember to think about what happens if someone is camping
> in your DMZ with
> >a packet sniffer (running on your compromised public WWW
> server) - can they
> >see all your "private" DB transaction in the clear?
>
> No, definitely the private web server WON�T BE on the DMZ.
> Yesterday I�ve
> been told this server is going to host DNS and MAIL services too.
So, someone has told you to run the three services that have the most
external exposure and the worst track record for compromise on the SAME box,
on your TRUSTED network. Time for a 'duh' break...
Duh! Duh! DUH!
I would consider:
Running external DNS in the DMZ. Split DNS is good. External access to
internal DNS servers is bad.
Separating your internal mailserver and this secure WWW server, if possible.
Do you _really_ need to have two attack vectors on the one box? At least
think of the Denial of Service possibilities if not the data loss / theft
aspects.
If you really have to run the external access WWW server on the trusted LAN,
so be it, but the setup you're describing is sounding "reckless".
> Thanks a lot for your help.
> Regards,
> F�bio.
Cheers,
--
Ben Nagy
Network Consultant, CPM&S Group of Companies
PGP Key ID: 0x1A86E304 Mobile: +61 414 411 520
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
