Well hell, if you could stick another netcard and link it to the database then SURE, how ever I'm *assuming* that OTHER people will need access to the data, and you have a limited budget (can't go running twisted pair to the moon and back...), and the database will be behind a firewall...or at least another router. Hence you may want* to use some sort of encryption most likely with a challenge response based on public/private key pairs. Besides who would want to run a webserver on an NT box!? (just MHO, no need to start a war over it ;) )
* once again, depending on your network topology, were the database sits, you may not need the encryption, just a nice challenge/response system. I'm basing this on having an unsecured network some were between the webserver and the database.
- Mike
----------
From: Russ[SMTP:Russ .
Cooper @
RC .
Toronto .
on .
ca]
Sent: Wednesday, August 28, 1996 4:59 PM
To: 'Jenjen Song'; 'Bernhard Schneck'; 'Mike Eddington'
Cc: 'Firewalls @
GreatCircle .
COM'
Subject: RE: Encryption utility between Web server & Databases
Of course you could just use an NT Server with IIS in front and SQL
server behind, allowing you to use NetBEUI between the two boxes
eliminating the need for encryption (since nothing else can ever get on
that link between the two boxes). IIS can do NT Challenge/Response for
authentication, which I realize doesn't have the presence that some
other methods do. It can also be used to do SSL (although there is
currently a bug in IIS 1.0 that prevents it from handling SSL with
Netscape Atlas clients, ala SSL 3.0).
Just a thought...
Cheers,
Russ
>
|
|
