If your web server is exploited, then the attacker will have unrestricted
access to your internal network. A better solution would be to place the
web server in a "public network" or DMZ where the evil Internet only has
access to its http server, but the web server itself doesn't have any
access to your internal network. This way, when your server is hacked, the
attacker still has to go through the firewall to get to the internal network.
HTH - Mark Ingles
At 10:02 PM 9/5/2000, Rajesh Bandar wrote:
>Hi All,
>
>I have a web server running on the internal network (172.16.0.6). I want to
>allow internet people to access the web server. So I am thinking to do NAT
>for
>the web server host and allow http service. Are there any security issues
>if I
>do that.
>
>I would appreciate any suggestions on this.
>
>Thanks,
>Rajesh.
================================================================================
To unsubscribe from this mailing list, please see the instructions at
http://www.checkpoint.com/services/mailing.html
================================================================================
