Considering the newness of win2000, and the current influx of newbug being
found in the OS, I'd be reluctant to think the box can be hardened to a
safe degree. Place it on the DMz, and backup often.
Thanks,
Ron DuFresne
On Wed, 5 Jul 2000, Bill Stewart wrote:
> Hi all,
>
> I am a new Network Admin and have a question about server placement behind a
> firewall. Is it better to place a publicly accessible server on the DMZ
> with a hardened OS or to place it behind the firewall with the appropriate
> ports open? I am using NAT so does this really add another level of
> security? More info: I'm getting a lot of pressure to have this box a
> member of our domain (rather than stand-alone, which I normally do). This
> is going to be a Win2K server running Terminal Services with the firewall
> opened up for RDP (TCP 3389) to the one machine (which is using one to one
> NAT). If the machine is only on the LAN and behind the firewall does the OS
> need to be hardened?
>
> -
> [To unsubscribe, send mail to [EMAIL PROTECTED] with
> "unsubscribe firewalls" in the body of the message.]
>
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
"Cutting the space budget really restores my faith in humanity. It
eliminates dreams, goals, and ideals and lets us get straight to the
business of hate, debauchery, and self-annihilation." -- Johnny Hart
***testing, only testing, and damn good at it too!***
OK, so you're a Ph.D. Just don't touch anything.
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
