Don't EVER, EVER, EVER allow Internet
access to a web server that isn't on
a DMZ. The SSL issue is superfluous. The
fact that they would ask for that shows that
they haven't clue one about security, and will
be coding many CGI holes awaiting exploitation,
and from there, attack of your internal machines.
Of course, that's just my opinion.
Ryan
dave kaas <dave_kaas @
RL .
gov> on 03/04/98 03:13:10 PM
To: firewalls @
GreatCircle .
COM
cc: (bcc: Ryan Russell/SYBASE)
Subject: SSL through a firewall
We have a group that wants to put up a WEB server on our internal
network that is accessible from the Internet. It would be an NT 4.0
system with IIS 4.0 with access via a SSL hole through the firewall.
There are CGI scrpts/C-code that access the data and format it to send
back to the client. Should we be worrried? What should we be concerned
about?
thank you
--
Dave Kaas Internet: dave_kaas @
rl .
gov
Lockheed Martin Services Phone: (509) 376-6386
United States Department of Energy, Richland, WA
|
|
