|
Ok, here is a short tutorial on internet security. The servers that need to be accessed directly by the public are NEVER directly on the public line. You have the public ip line go into a firewall that blocks all incoming traffic. You have your server behind the firewall. Then, depending on the services you are offering, you only open those specific ports on the firewall to that specific server. This way you can specifically comepnsate for the traffic you expect. When MSblast brougth down everyone a coupel months ago, it is because a lot of boneheaded network admins had port 135 eitehr open on their firewall or no firewall at all. There is never a legitimate reaosn for that traffic to coem in formt eh public. As David said, if you are jsut offering web pages, only port 80 should be allowed, ebcause there is no reaosn for soemthign else. That way, fo there is somethign insecure, you eliminate the method to attack it. ----- Original Message ----- From: "Booth Martin" <Booth@xxxxxxxxxxxx> To: <midrange-l@xxxxxxxxxxxx> Sent: Monday, November 10, 2003 2:39 PM Subject: Re: how we will program in the future > What am I missing here? How does one put a web server behind a firewall? I > thought the whole point of web serving was to be on the web? > > --------------------------------------------------------- > Booth Martin http://www.MartinVT.com > Booth@xxxxxxxxxxxx > --------------------------------------------------------- > > -------Original Message------- > > From: Midrange Systems Technical Discussion > Date: 11/10/2003 1:27:21 PM > To: Midrange Systems Technical Discussion > Subject: Re: how we will program in the future > > Umm, I would have anyone's webserver behind a firewall, not jsut windows. > > ----- Original Message ----- > From: "Booth Martin" <Booth@xxxxxxxxxxxx> > To: <midrange-l@xxxxxxxxxxxx> > Sent: Monday, November 10, 2003 1:54 PM > Subject: RE: how we will program in the future > > > > That is a good point Walden. By putting the proper non-Windows protections > > in front of the Windows servers the servers are generally immune. > _______________________________________________ > This is the Midrange Systems Technical Discussion (MIDRANGE-L) mailing list > To post a message email: MIDRANGE-L@xxxxxxxxxxxx > To subscribe, unsubscribe, or change list options, > visit: http://lists.midrange.com/mailman/listinfo/midrange-l > or email: MIDRANGE-L-request@xxxxxxxxxxxx > Before posting, please take a moment to review the archives > at http://archive.midrange.com/midrange-l.
As an Amazon Associate we earn from qualifying purchases.
This mailing list archive is Copyright 1997-2025 by midrange.com and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available on our policy page. If you have questions about this, please contact [javascript protected email address].
Operating expenses for this site are earned using the Amazon Associate program and Google Adsense.