One extra note: Connecting the Web server directly to your database would be a breach of security, you would in effect be providing any hacker a direct line into your internal network, bypassing any firewall/router security.
- Mike
----------
From: Russ[SMTP:Russ .
Cooper @
RC .
Toronto .
on .
ca]
Sent: Wednesday, August 28, 1996 4:59 PM
To: 'Jenjen Song'; 'Bernhard Schneck'; 'Mike Eddington'
Cc: 'Firewalls @
GreatCircle .
COM'
Subject: RE: Encryption utility between Web server & Databases
Of course you could just use an NT Server with IIS in front and SQL
server behind, allowing you to use NetBEUI between the two boxes
eliminating the need for encryption (since nothing else can ever get on
that link between the two boxes). IIS can do NT Challenge/Response for
authentication, which I realize doesn't have the presence that some
other methods do. It can also be used to do SSL (although there is
currently a bug in IIS 1.0 that prevents it from handling SSL with
Netscape Atlas clients, ala SSL 3.0).
Just a thought...
Cheers,
Russ
>
|
|
