Re: What if we don't trust web Server
From: Roger Abell (MVPNoSpam_at_asu.edu)
Date: 06/11/03
- Previous message: B: "FileIOPermission"
- In reply to: Guogang: "What if we don't trust web Server"
- Next in thread: Jeff Cochran: "Re: What if we don't trust web Server"
- Reply: Jeff Cochran: "Re: What if we don't trust web Server"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Tue, 10 Jun 2003 21:30:46 -0700
"Guogang" <nospam@no_such_domain.com> wrote in news:O5Qg#L5LDHA.704
@tk2msftngp13.phx.gbl:
> Hi,
>
> In a classic setup:
>
> Client----Firewall-----Web Server----Firewall----Database
>
> What if we don't trust web server, due to the fact that it is highly
> exposed? If web server is compromised, user name, password can be
easily
> intercepted. What is the best we can do to protect from such attacks?
>
> Got some idea to minimize the information exposed to web server?
>
> Thanks,
> Guogang
>
>
If one wishes to hide in a cave, one hides and goes unseen.
If one wants to glimpse the sun, one risks the open sky overhead.
Because one's umbrella might break is no reason not to use it
against sun, rain, and wind.
The trick is knowing when the unbrella is getting weak.
-- Roger Abell MS MVP (Windows Security)
- Previous message: B: "FileIOPermission"
- In reply to: Guogang: "What if we don't trust web Server"
- Next in thread: Jeff Cochran: "Re: What if we don't trust web Server"
- Reply: Jeff Cochran: "Re: What if we don't trust web Server"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
