On Sun, 15 Apr 2001, spewed into the ether:
> we have firewall built-in in the Netopia router do we need another
> firewall device? How about having a Proxy Server? If I want have a
This will strictly depend on how you want to configure your network.
If you want a Internet------>DMZ------>Intranet setup,
then your router needs three nics, or you need a stricter firewall.
> important to have Proxy Server, when we have built-in firewall in the
> Router?
See above comment. (BTW, you can never have too many layers of securit
so long as what you are protecting is cheaper than the cost of
implementing the security).
> address. For now, the Database Server will also host the IIS server.
You asking to be broken into? (Unless this is an Access database, in
which case anything else will be worse).
> It should be the way you huys have configured your server. Suppose I
> would like you guys to be able to upload stuffs from there to my
> database cum web server. Since the web server will be behind
Upload how? Using ftp?
> firewall, will you guys be able to access the server from there if
> you are authentic user of our domain? If so how is firewall
> preventing outside user from accessing ourr network?
Well, if your machine is offering a service to the external world, it
has to be accessible from the net on those ports. Your firewall can
block everything else, but it will not block traffic that you
explicitly allow through (assuming a sane firewall configuration of
deny everything that is not permitted, and that services are not
tunnelling over the TCP rpc port (aka http)).
BTW, I needn't be an authenticated user of your domain unless your
machines are specifically configured to do so.
> monitor their traffic load to T1. Is there any smart way of doing
> this? Please let me know.
Give them a separate interface on the router and run MRTG.
> 4. Secured Site: Mahato's white does not go far enough explaining
> about Secured Site. You guys having remote access to our web
Exactly what do you want to configure? Haver you checked all available
resources? Hardening NT server second edition, from ORA?
http://securityfocus.com ?
http://www.google.com/search?q=hardening+IIS+NT+4
http://www.google.com/search?q=hardening+Database+NT+4
http://www.microsoft.com ?
> server from there, can you configure secured site provided we
> purchase all required software? Please perform a web research and
Dunno, for https, you merely need a certificate, which you can generate
using OpenSSL (it works on NT as well)
> let me know what do I need to buy?
The signature on your certificate of a Root CA.
> I will keep on bugging you when I have more questions.
Welcome
Devdas Bhagat
--
Democracy is a device that insures we shall be governed no better than
we deserve.
-- George Bernard Shaw
----------------------------------------------
The mailing list archives are available at
http://lists.linux-india.org/cgi-bin/wilma/linux-india-help
