Re: NAT, Internet access and security

From: emilyaanderson@yahoo.com
Date: 01/08/02


Date: 8 Jan 2002 02:14:51 -0000
From: <emilyaanderson@yahoo.com>
To: security-basics@securityfocus.com


('binary' encoding is not supported, stored as-is)

In-Reply-To: <002501c19799$c5555960$fdfea8c0@ISDesktop>

Nothing is completely fool prof or completely
invulnerable and there are quite a few web servers
out there that do not have a firewall. A firewall is
there only to set up another layer of defense. The
other layers are to limit the services available on the
host system, validation on input received from the
web server, and patch the web server software and
operating system against all security vulnerabilites.



Relevant Pages

  • Re: disconnect a hacker
    ... My Web server station is right next ... my attention divided by security concerns... ... see an IP connected to port 80, ... I've been forwarding my firewall logs to my ISP, ...
    (alt.computer.security)
  • Re: Firewall on server itself
    ... Perhaps the iptables could defend against an intruder who is already ... Firewall vender specific vulnerabilities ... >> be configured to protect the web server as well other computers on ... > The Gartner Group just put Neoteris in the top of its Magic Quadrant, ...
    (Security-Basics)
  • Re: [fw-wiz] Using SSL accelerators in firewalls
    ... It also depends on what you're using your SSL for, and how tightly you can couple ... your firewall with your web application. ... web server don't have to be very aware of each other. ... >> lost in the process and the security of transactions eroded. ...
    (Firewall-Wizards)
  • Re: Web Server not allowing external visitors
    ... | use NATD function of firewall. ... I did all this and lost all access to the internet from the other LAN ... As the Web Server at the moment then is on my FreeBSD machine I do not need ...
    (freebsd-questions)
  • Re: Web server behind Symantec Enterprise Firewall
    ... I've published a virtual IP at the Firewall to which i route the http ... NAT rule AccesoServer was chosen, but client transparency is ... Since the web server is on the LAN, you shouldn't have to add any route ...
    (comp.security.firewalls)