RE: [FW1] NT trust

Dean Cunningham Mon, 26 Jun 2000 05:45:14 -0700

If IIS machine compromised in DMZ, then there is ready access for the hacker
to the SAM on the internal nt domain. Using a one way trust where the dmz
domain trusts the internal domain means security has less chance of being
compromised.

> ----------
> From:         Miles, David[SMTP:[EMAIL PROTECTED]]
> Sent:         Tuesday, 27 June 2000 12:03 AM
> To:   'Daniel Morone'; [EMAIL PROTECTED]
> Subject:      RE: [FW1] NT trust
> 
> 
> If I understand you correctly you have a stand alone IIS server in your
> DMZ
> and you need to authenticate accounts in a Domain on your internal
> network?
> Why don't you just make it a member server in the domain containing the
> accounts?  Why add another domain and create a trust?  
> 
> -----Original Message-----
> From: Daniel Morone [mailto:[EMAIL PROTECTED]]
> Sent: Friday, June 23, 2000 1:48 PM
> To: [EMAIL PROTECTED]
> Subject: [FW1] NT trust
> 
> 
> 
> Need to do a one way trust from dmz nt iis box to internal nt4 domain
> across
> fw-1 4.0 SP1. dmz nt box is standalone NT4.  Any ideas?
> 
> 
> 
> ==========================================================================
> ==
> ====
>      To unsubscribe from this mailing list, please see the instructions at
>                http://www.checkpoint.com/services/mailing.html
> ==========================================================================
> ==
> ====
> 
> 
> ==========================================================================
> ======
>      To unsubscribe from this mailing list, please see the instructions at
>                http://www.checkpoint.com/services/mailing.html
> ==========================================================================
> ======
> 
***************************************************
This e-mail is  not an  official  statement of  the
Waikato  Regional  Council unless otherwise stated.
Visit our website http://www.ew.govt.nz
***************************************************


================================================================================
     To unsubscribe from this mailing list, please see the instructions at
               http://www.checkpoint.com/services/mailing.html
================================================================================
RE: [FW1] NT trust

Reply via email to
