[EMAIL PROTECTED] wrote:
>
> Secondly most e-commerce businesses MUST open up ports from their DMZ to
> their INTERNAL servers for reasons such as database transactions say, so
> how do these people protect themselves from attack?
That isn't entirely true. Many companies export their database to a DMZ
server. Others
use message brokers to ferry information back and forth. There's always
more than one way
to do it. If push comes to shove, you may want to place your SQL stuff
in a second DMZ,
internal users can access it, external users can access it. The downside
is that it could
be compromised. The upside is that if it gets compromised, the rest of
your network is still
protected.
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
