On Thu, 9 Jan 2003, Reza Shahidi wrote:
> I was counting on the webserver acting like a proxy g/w. But if you don't
> recommend this, port 1433 it is then.
Chris was refering to the situation where your webserver's security is
compromised.
If you have only port 1433 allowed to your sql server the attacker will
have only the one path through to your Protected (private) network.
If you have them joined at the NIC with a crossover cable you have no
firewall between them...and the attacker has /every/ port and service
available to them that is available on the sql server....nearly defeating
the purpose of having a DMZ/PSN completely.
Does this help?
..david
---
David Raistrick
Systems Administrator - Global Technology Associates, Inc
[EMAIL PROTECTED]
Disclaimer: All opinions expressed are the opinions of
David Raistrick, not necessarily those of GTA, Inc.
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
To subscribe to the digest version first unsubscribe, then
e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
Archive of the last 1000 messages:
http://www.mail-archive.com/[email protected]
