Firewalls: RE: SSL through a firewall

Firewalls
(March 1998)

Indexed By Thread: [Previous] [Next]

Subject:	RE: SSL through a firewall
From:	"George D. Nincehelser" <george @ berkomusa . com>
Date:	Thu, 5 Mar 1998 16:33:32 -0600
To:	Ryan Russell <ryanr @ sybase . com>, dave kaas <dave_kaas @ RL . gov>
Cc:	firewalls @ GreatCircle . COM

I'd have to second Ryan's comment.  

A public web server should be in the DMZ, possibly protected by its own
firewall.

You'd be suprised at what major corporations have their public web sites
on the wrong side.  

George

> -----Original Message-----
> From:	Ryan Russell [SMTP:ryanr @
 sybase .
 com]
> Sent:	Thursday, March 05, 1998 1:35 PM
> To:	dave kaas
> Cc:	firewalls @
 GreatCircle .
 COM
> Subject:	Re: SSL through a firewall
> 
> Don't EVER, EVER, EVER allow Internet
> access to a web server that isn't on
> a DMZ.  The SSL issue is superfluous.  The
> fact that they would ask for that shows that
> they haven't clue one about security, and will
> be coding many CGI holes awaiting exploitation,
> and from there, attack of your internal machines.
> 
> Of course, that's just my opinion.
> 
>                     Ryan

Indexed By Date	Previous:	proxy server From: Laura M Walbrink <Laura . M . Walbrink-1 @ tc . umn . edu>
Indexed By Date	Next:	*Re: SQLNET** From: tcooper @ hns . com
Indexed By Thread	Previous:	RE: SSL through a firewall From: Josh Cohen <joshco @ microsoft . com>
Indexed By Thread	Next:	Re: SSL through a firewall From: Matthew Patton <patton @ sysnet . net>