On Thu, Mar 13, 2008 at 3:56 AM, <[EMAIL PROTECTED]> wrote:
> OK, we've developed a philosophical situation here regarding a DMZ server:
>
> The server hosts a public web site and database. I was told that it
> needed to be backed up because development was being done in it. My first
> consideration was a backup mechanism. It wasn't until several minutes
> later that I did my Donald Duck squawk questioning the wisdom of doing
> active development on a DMZ machine.

Wisdom? Try "insanity" instead. A proper development cycle has separate environments for development, testing, staging and production, though sometimes testing and staging are compressed, which I consider risky.

> Backing up is a bit of an issue (buy a drive, or start collecting CDs from
> its writable drive), but to me the bigger issue is, should we be backing
> this up? It seems to me that the DMZ is considered to be "hackable yet
> isolated". Therefore, it might be best to consider that at any time (from
> moment #1) that it may have already been compromised. In other words, if
> we find that in fact it has been cracked, would we even be able to trust
> that which has been backed up? That we'd never be sure that we had a
> backup that had never been compromised in any way so it could be restored?

Well, if you're considering it *only* as a production system, whether or not to back it up becomes an issue of whether the data changes, if those changes are desired and whether those changes come from end-users, or if they are only updates from an internal system that are published to end-users.

> It seems to me that, by their nature, materials on DMZ machines should be
> developed elsewhere, and the finished products should then be published to
> the DMZ machine.

Yes. Absolutely agree.

> Personally, I'm not worried about being "right or wrong" here but rather
> wanting to follow "best practices". So, is it consistent with best
> practices to go ahead and do development on the DMZ system, back up source
> code, etc, and presume that when the system has to be re-built we can
> restore an uncompromised machine? Or, should I be stubborn and insist
> that development be done elsewhere and then published to the DMZ machine?

Right and wrong, in this case, is about following good development practices. You already know the answer.

Kurt
