In my CISSP training, we covered the possibility of putting a web server in between two firewalls. The outer one cleans the coarse junk out of the data stream, like denial of service attacks, web server compromise attacks, and malformed packets, as well as closing down server services that should be available to the company, but not the public. The inner one is more fine-grained, possibly protecting company data assets from disclosure or blocking unapproved websites from being accessed by employees.

Just trying to say there is a business case for two firewalls -- it has more to do with protecting company assets than protecting the web server.

--David

Bárbara Vieira wrote:

Alan and Johnny,
I agree with Alan. I'm using the same scheme to save passwords in the database,
and SSL too.
But Johnny's answer helped me understand some things. Johnny, when you say:
"So in those organizations Tomcat is probably behind the second internal
firewall for staff to use as well."
What do you mean? If you have a Tomcat inside a DMZ, usually we have one
firewall that separates the internet from the intranet, i.e., the firewall filters
requests that come from the outside. Isn't that so?

Thanks, Regards,
Bárbara Vieira


-----Original Message-----
From: Alan Chaney [mailto:[EMAIL PROTECTED]]
Sent: Wednesday, 9 January 2008 14:10
To: Tomcat Users List
Subject: Re: Why use a Web Server over Tomcat?


One reason for doing this is, again, not whether IIS or APACHE is better, although APACHE on Linux in the hands of a guru is very good; it's because Tomcat carries clear text passwords, so if a hacker did get at the machine, they would probably see the Active X LDAP master password,

I don't understand this comment at all. 'Passwords' in tomcat can be managed by a whole host of authentication schemes. I use SSL to protect access to the password on the net and MD5 encoded passwords in a database for user authentication and access control. It depends entirely upon how you configure your system.

Regards

Alan


---------------------------------------------------------------------
To start a new topic, e-mail: users@tomcat.apache.org
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]


