Some people have gotten back to me about this (and many thanks to them) suggesting I get a SOCKS
compliant client. I feel I should qualify my original post:
My concern is not getting through the FW, I realize there are clients that can do this, its the inherent problems
with WWW (postscript comes to mind although I vaguely remember some of its problems being fixed). So
say some guy tries the file deletion bit in a postscript file they delete files on the DMZ host rather than on the
users machine.
My original post is below.
-------------------------------------------------------------------------------
Perhaps this is an obvious question, if so my apologies.
I don't think it would be any problem for my organization to set up its Web server in the DMZ or at least on
the Internet side of the firewall. However, we would also like our users to be able to access the Web. It
seems that common wisdom says that the only really safe way to do this is to run the client off of a box in the
DMZ or the Net side of the firewall. My question is is it then safe to run an x client web browser off of the
box onto the users desktop, or should I limit them to using some kind of text browser. Does X along with
Web clients open up possibilities of attack. Seems to me that the damage would be limited to the DMZ
machine which we should assure ourselves is an acceptable risk.
Thanks in advance.
******************************************************
Carpe cibum.
E-mail: mcp4 @
columbia .
edu
Date: 04/27/95 Time: 21:06:10
******************************************************
|
|
