Re: Firewall DMZs

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Not much you can do about hte FTP, except using an application proxy 
that can perform 2FA or other stronger auth.

As for oracle, I'd really recommend building a web service that has 
auth/etc that can be used by the partners to update the din or whatever 
else you need remote partners to be able to update.  Oracle, tomcat, 
weblogic, php, perl all have the ability to create a web service for a 
back-end oracle that can have stronger access controls and limited input 
than a full oracle connection would have.

Good luck!
David

Straw Shake wrote:

> We currently have a firewall DMZ containing a server that has FTP and 
> an Oracle server running.FTP is used by partners accessing the ftp 
> services to pick-up or dump files. The Oracle is used by another 
> partner to update entries which are in turn update din the internal DB 
> server.
>
> Now I know this is not right. But what are my options to secure or 
> improve this setup?
>
> Thanks
>
> _________________________________________________________________
> Powerful Parental Controls Let your child discover the best the 
> Internet has to offer.  
> http://join.msn.com/?pgmarket=en-ca&page=byoa/prem&xAPID=1994&DI=1034&SU=http://hotmail.com/enca&HL=Market_MSNIS_Taglines
>  
>  Start enjoying all the benefits of MSN® Premium right now and get the 
> first two months FREE*.

-----BEGIN PGP SIGNATURE-----
Version: PGP Desktop 9.0.2 (Build 2424)

iQA/AwUBQ6bxaZcwFRNrWbm9EQKVygCfXpWAVIlPWWQGBFM8rGxdsb+/3bMAoJft
U39zQnzDGKCZjbyvPcPYQxB0
=5Zjj
-----END PGP SIGNATURE-----