In my CISSP training, we covered the possibility of putting a web server
in between two firewalls. The outer one cleans the coarse junk out of
the data stream like denial of service attacks, web server compromise
attacks, malformed packets, as well as closing down server services
that should be available to the company, but not the public. The inner
one is more fine-grained, possibly protecting company data assets from
disclosure or blocking unapproved websites from being accessed by employees.
Just trying to say there is a business case for two firewalls -- it has
more to do with protecting company assets than protecting the web server.
--David
Bárbara Vieira wrote:
Alan and Johnny,
I agree with Alan. I'm using the same scheme to save passwords in the database,
and SSL too.
But Johnny's answer helped me understand some things.
Johnny, when you say:
So in those organizations Tomcat is probably behind the second internal firewall for staff to use as well.
What do you mean? If you have a Tomcat inside a DMZ, usually we have one
firewall that separates the internet from the intranet, i.e., the firewall filters
requests that come from the outside. Isn't that so?
Thanks,
Regards,
Bárbara Vieira
-----Original Message-----
From: Alan Chaney [mailto:[EMAIL PROTECTED]
Sent: Wednesday, 9 January 2008 14:10
To: Tomcat Users List
Subject: Re: Why use a Web Server over Tomcat?
One reason for doing this, is again not whether IIS or APACHE is better
although APACHE on linux in the hands of a guru is very good, it's because
Tomcat carries clear text passwords, so if a hacker did get at the machine,
they would probably see the Active X LDAP master password,
I don't understand this comment at all. 'Passwords' in tomcat can be
managed by a whole host of authentication schemes. I use SSL to protect
access to the password on the net and MD5 encoded passwords in a
database for user authentication and access control. It depends entirely
upon how you configure your system.
Regards
Alan
---------------------------------------------------------------------
To start a new topic, e-mail: [email protected]
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]