Hosting Provided By

DMZ boxes in the domain

From: Gene <btraquer(at)att.net>
Date: Wed Feb 26 2003 - 01:37:10 EST

We're considering adding the DMZ Win2K/IIS servers to the internal domain. This sounds like a rather dangerous thing to do, but while discussing this we came up with an idea of giving the box 2 NICs, one a DMZ address and the other an internal address and disabling all routing between the 2 NICs. Hopefully, in this scenario we can still manage the Win2K normally via the domain while permitting the box to serve out our site. If the box is compromised from the DMZ side, in theory, this wouldn't allow the compromise to affect the internal network.

Ideas/thoughts/concerns...

All helps appreciated!! Received on Wed Feb 26 16:34:51 2003

This message: [ Message body ]
Next message: Shackleford, Dave: "RE: Utility to determine who deteled files"
Previous message: Robert Formanek: "Re: Monitor Services on Windows machines"
Next in thread: Marc Fossi: "Re: DMZ boxes in the domain - Bad moderator"
Reply: Marc Fossi: "Re: DMZ boxes in the domain - Bad moderator"

Contemporary messages sorted: [ By Date ] [ By Thread ] [ By Subject ] [ By Author ] [ By messages with attachments ]

This archive was generated by hypermail 2.1.8 : Wed Aug 23 2006 - 14:01:27 EDT