Great Circle Associates Firewalls
(March 1996) 		 
Indexed By Date: [Previous] [Next] Indexed By Thread: [Previous] [Next]
Subject: Re: virus scanning for Internet
From: peter @ nmti . com (Peter da Silva)
Date: Thu, 28 Mar 1996 10:01:41 -0600 (CST)
To: scott @ di2 . disclosure . com (Scott Barman)
Cc: peter @ nmti . com, Firewalls @ GreatCircle . COM
In-reply-to: <Pine . SUN . 3 . 91 . 960328103924 . 21455A-100000 @ di2> from "Scott Barman" at Mar 28, 96 10:45:01 am 
I'm sorry, I don't understand the relationship between my comment and your
response. It reads like "I disagree" followed by agreement.

Not CCing to the list because I'd rather figure out what you thought I said
or meant before making with public comments.

> > > Is putting your web server behind your firewall I wise thing to do?

> > An *external* web server, no.

> I disagree.  You can put your web server in the DMZ when that web
> server has to interact with a database on the other side of the
> internal firewall.  The internal firewall allows that one system (in
> the DMZ) to connect to the database system via one TCP port (proxy).
> Since everything behind the intenet firewall is RFC1597 numbered (I am
> using a Cisco/NTI PIX) and the router is set to block those from the
> internet side, I have no problems with this.
Follow-Ups:
References:
Indexed By Date Previous: Interesting packets fron the net
From: Rob Sansom <sansom @ connectix . com>
Next: Re: Redundant Internet Connections
From: Bill Stout <bstout @ osc . hitachi . com>
Indexed By Thread Previous: Re: virus scanning for Internet
From: Scott Barman <scott @ di2 . disclosure . com>
Next: The dangers of user-friendly software and high-speed communications.
From: peter @ nmti . com (Peter da Silva)
Google
 
Search Internet Search www.greatcircle.com