> Subject: Re: Apache proxy on Firewall...
> To: mshines @
purdue .
edu
> Date: Thu, 27 Feb 1997 08:46:08 +0100 (MET)
> From: "Hans Blomgren" <habl @
pax .
kpa .
se>
> > I was under the impression that the firewall machines should be
> > pretty much bare naked - not used for any application processing.
> >
> > I also was under the impression that a Web Server for the world
> > (Internet) would be connected to the wire outside of the firewall.
> >
> > Am I missing something?
>
> Yes you are, he said:
>
> "I am evaluating the use of Apache in proxy mode on our firewall."
> ~~~~~
>
> Proxy here is the key, since then apache act as a http proxy server between
> nets and not as a web server.
I also thought the strength of a system resided in its simplicity
(the old KISS principle) ...the underlying philosophy of UNIX -
small unitized modules which could be combined to perform useful
work. Doesn't a large multipurpose application run against this
grain.
If you accept Beizer's hypothesis of one residual flaw per one hundred lines of
tested source code then a very large multipurpose application has more
chance of containing more bugs a small simple single purpose application.
Right?
-----------------------------------------------------------------
Internet: mshines @
purdue .
edu * Michael S. Hines, CDP, CFE
Voice: (765) 494-5845 * Sr. Information Systems Auditor
FAX: (765) 496-1814 * Purdue University
* 1065 Freehafer Hall
* West Lafayette, IN 47907-1065
|
|
