Works well until one of the servers is hacked which then allows access
to the private IP space.
Note: just highlighting this as a potential risk, from what you have
said it looks like you covered this.
---
Accomplishing the impossible means only the boss will add it to your
regular duties.
(--------------------------------) {((((((
( Suneel Jhangiani ) /_ _ )
( Technical Director ) ( . . )
( Inter-Computer Technology Ltd. ) ( / )
(----------------------------------oOOo------------oOOo----)
( 40 James Street Tel: +44 (0) 20 7486 9601 )
( London W1U 1EU Fax: +44 (0) 7050 678 978 )
( United Kingdom Email: [EMAIL PROTECTED] )
( Website: http://www.inctech.com )
(----------------------------------------------------------)
-----Original Message-----
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On
Behalf Of Erik Tijburg
Sent: 17 August 2004 15:25
To: [EMAIL PROTECTED]
Subject: [Rodopi] Moving Rodopi help
What we have done is moved our SQL server to a private network 10.0.0.0
and
all our servers have two NIC's one for the public network and one for
the
private network. The SQL server is on a 10. address behind a NAT for
internet access. We also turn off all windows file sharing on the
public
network and use black ice to filter everything on the public interface
that
does not need to come to that server, as well as having a firewall in
front
of that server. This keeps all intra-server traffic off public ip space
and
give us a better idea of the internet traffic that is really going to
that
server, i.e. MRTG on the switch interface.
Erik
-----Original Message-----
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On
Behalf Of Global Net, LLC
Sent: Tuesday, August 17, 2004 4:31 AM
To: [EMAIL PROTECTED]
Subject: [Rodopi] Moving Rodopi help
Reason for separating them, mainly is a security thing. I will be moving
sql
behind a firewall, and just felt that the open web interface their on
sql to
the public, was somewhat a big security risk. (Open hole if you will)
The sql machine was compromised by a hacker, that somehow managed to
install
optix on that machine, and god knows what else I haven't been able to
find,
so I decided to separate, conquer and divide.
But I am open to suggestions, not to mention what goes where.
-----Original Message-----
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On
Behalf Of Cary Fitch
Sent: Tuesday, August 17, 2004 5:19 AM
To: [EMAIL PROTECTED]
Subject: [Rodopi] Moving Rodopi help
Ours is seperated, and we are planning to put them "back togather".
The reason is we don't feel the Rodopi web interface and processing is
really that much of a load on the server, and with them seperate,
sometimes
when a machine is rebooted, the web server looses SQL contact with the
Database server, thus requiring that connection to be re-established.
When they were on one machine all services restated on a reboot.
But, your mileage may vary.
Cary Fitch
----- Original Message -----
From: "Global Net, LLC" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Tuesday, August 17, 2004 4:13 AM
Subject: [Rodopi] Moving Rodopi help
> I am in the process of separating rodopi 5.4, web interface, and
database
> parts.
>
> Can someone tell me what components are installed on the machine
running
the
> web interface and what components must be installed on the sql
(database)
> end?
>
> Not sure in the list which ones too pick for each part, and
installation
> document is vague, at best on this. I've always ran both on the same
machine
> before.
>
> Jeff
>
>
>
>
>
>
>
> ---------------------
> To Leave the Rodopi mail list send a message to
[EMAIL PROTECTED]
> with the word LEAVE as the message body.
>
> Please also visit the Rodopi FAQ at http://www.rodopi-faq.com
> ---------------------
>
---------------------
To Leave the Rodopi mail list send a message to
[EMAIL PROTECTED]
with the word LEAVE as the message body.
Please also visit the Rodopi FAQ at http://www.rodopi-faq.com
---------------------
---------------------
To Leave the Rodopi mail list send a message to
[EMAIL PROTECTED]
with the word LEAVE as the message body.
Please also visit the Rodopi FAQ at http://www.rodopi-faq.com
---------------------
---------------------
To Leave the Rodopi mail list send a message to
[EMAIL PROTECTED]
with the word LEAVE as the message body.
Please also visit the Rodopi FAQ at http://www.rodopi-faq.com
---------------------
---------------------
To Leave the Rodopi mail list send a message to [EMAIL PROTECTED]
with the word LEAVE as the message body.
Please also visit the Rodopi FAQ at http://www.rodopi-faq.com
---------------------
