I have a situation where a web server needs to be accessible from the web, with little/no set up on the client side. No big deal, but here's the rub: The server in question is a W2K server running IIS, and just happens to run a mission critical web app (it's this app that needs to be accessible to remote employees). Of course, I'm concerned about hack attempts...
My first thought is to implement a VPN solution. This will suffice for some of the employees, but not all - we can't manage/dictate the remote configuration in all cases. So while a VPN will help, it's not the final solution (or so I think at this time). Next I thought of setting up an Apache server acting as a proxy to the IIS server, and intercepting known script kiddie hack attempts with a 404. But I'm wondering if this is overkill. The server in question has all the latest patches (and is kept up to date), and sits behind an IPCop firewall. I don't feel overly comfortable directing port 80 traffic right to the server, but maybe I'm being too paranoid (well, they would loose 10's of thousands of dollars a day if the app is down for more than a few minutes - so maybe I'm not being paranoid enough?). Is a combination of the VPN and Apache solution the best bet? Is there a better way to handle this? Thanks for any input. Shawn _______________________________________________ clug-talk mailing list [email protected] http://clug.ca/mailman/listinfo/clug-talk_clug.ca Mailing List Guidelines (http://clug.ca/ml_guidelines.php) **Please remove these lines when replying
