Ed Sawicki wrote: > m0gely wrote: >> Ed Sawicki wrote: >> >>> a) He claims they are on a "private network"; they are safe. >>> The Web server serves only internal users; it cannot be >>> accessed directly from the Internet. However, their >>> "private network" is not private in the sense of NAT >>> and RFC1918 private addressing. Everyone in the company >>> has a public IP address. >> If they're NAT'd, then they aren't public IP's. So which is it? > > They do _NOT_ use NAT. All IP addresses are public.
Ahh, Ok. I misread the context. Well, if the firewall on the web server blocks access to anything outside their subnet, and they keep the box up to date, that should do it. Keeping the Windows machines on the public side is more interesting to me. But as long as the they have their individual firewalls sensible and enabled, and the users are running as normal users and not admins they should be Ok, but it does seem as minimal by todays standards. -- m0gely _______________________________________________ PLUG mailing list [email protected] http://lists.pdxlinux.org/mailman/listinfo/plug
