Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Security-Basics
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

RE: What is more secure?

from [Tomas] Network Security [Permanent Link]
Subject: RE: What is more secure?
Date: Mon, 28 Feb 2005 04:04:26 +0200 
My web server is on Windows 2003 server box with IIS 6 (that’s my company's
policy and I can't do anything about it), so it's hardened to the point
Microsoft allows it to be :) and my firewall is OpenBSD box (I love this OS
:) and of course it's hardened the point my knowledge allows it to be :).
The network is so small (only a few servers, because it's a DMZ network) and
if I assume that the hacker is in it than I will assume that the hacker is
in the web server itself and there will be no point in protecting it... So
now I need to figure out that is more secure, to give all public ips to the
web server and filter traffic with bridging firewall or to give all public
ips to firewall itself and only forward certain ports to the web server with
internal ips. Blackhat wrote that it's more secure to give all public ips to
firewall and to forward ports to web's internal ips (sorry blackhat if I
understood you wrongly), but then the hacker will be making his attack on
the firewall and if he succeed he will gain all access to both networks:
internal and DMZ. And if I'll give all public ips to the web server and make
bridging firewall then the hacker will be making his attack directly on the
web server and if he succeeds he will gain access to web server only. Or am
I wrong... I'm a little confused here...
[More with this subject...]




<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: What is more secure?, Alvin Oga
Next by Date:  RE: tool to log file access, Andrew Shore
Previous by Thread:  Re: What is more secure?, Alvin Oga
Next by Thread:  Re: What is more secure?, Chris Thorp
Indexes:  [Date] [Thread] [Top] [All Lists]