-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 At 11:28 AM 10/4/2002 +1000, you loudly proclaimed: >Peoples, > I have been having a few issues with a Windows NT system and the >mountain of insecurities associated. I am now looking at alternative > solutions that should help secure the system. > > The best thought I have come up with so far is to put the Windows > NT >Server with MS Sql on it behind a Linux box. But, also removing the >internet ip addressing of the Windows NT server and giving it local >ip addressing. IE moving from 61.X.X.X to 192.168.X.X. > > The Windows NT Server is mainly used on ports 919, 1433, and > 3140. >Does anyone see a problem installing Port Forwarding on the Linux >box redirecting these ports. With the added defence of an IP Tables >firewall this should remove almost all possibilities to exploit the >server providing the Linux server is not breached. > > I still wish to run the security updates on the Windows NT > Server >and the MS SQL Server however i need a long term solution which will > resolve the difficulties that we are currently experiencing. > > So what do you think ??
Depending on if you need public access or not to the server, you could also tunnel the sql traffic through SSH. I'm doing that with VNC for a remote user. -----BEGIN PGP SIGNATURE----- Version: PGPfreeware 6.5.8 for non-commercial use <http://www.pgp.com> iQA/AwUBPZ3hES7xgTzdLHYCEQI3owCg+Xgp2fo7tzu8Ucsd6YBvrKF0dkwAoNEc 5xwN2/DLktkJOdoeCgLTl1tM =2x7/ -----END PGP SIGNATURE-----
