> Place your database server Oracle, MS-SQL, access, etc > inside your Intranet and open only port need to interact > inbound from DMZ; however, all ports outbound from Intranet > to DMZ are available.
Unfortunately for Jim, it won't be as easy as that - to perform the authentication, his servers will need to pass NT credentials to the internal network using Windows Networking (SMB/CIFS or Direct Host), so a successful attack on the web server will open access to the internal network from that web server. > Cold Fusion does not have to reside on same box as Web Server > and strongly recommend this be a separate box. Have not tried > any other placement but the DMZ with this. In my experience, this has always degraded performance significantly. Have you been doing this in production? How has it impacted performance for you? I'd be very interested in any comparisons you've done; maybe it works better now than it used to. > NIMDA and Code Red hits both IIS and Cold Fusion equally well. What exactly do you mean by this? CF isn't directly vulnerable to either, as far as I can tell. Dave Watts, CTO, Fig Leaf Software http://www.figleaf.com/ voice: (202) 797-5496 fax: (202) 797-5444 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Get the mailserver that powers this list at http://www.coolfusion.com ------------------------------------------------------------------------------ To unsubscribe, send a message to [EMAIL PROTECTED] with 'unsubscribe' in the body or visit the list page at www.houseoffusion.com
