Re: How ti configure a web server ?
From: Robert Moir (bofh@mvps.org)
Date: 02/22/03
- Next message: Karl Levinson [x y] mvp: "Re: How ti configure a web server ?"
- Previous message: Peter Yang [MSFT]: "RE: How to uninstall Security Patches"
- In reply to: GN: "How ti configure a web server ?"
- Next in thread: Karl Levinson [x y] mvp: "Re: How ti configure a web server ?"
- Reply: Karl Levinson [x y] mvp: "Re: How ti configure a web server ?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
From: "Robert Moir" <bofh@mvps.org> Date: Sat, 22 Feb 2003 11:17:56 -0000
GN wrote:
> Hi,
>
> I need to configuer a standalone web server (with a public URL and
> without any connection on a local net work). Should i configure a
> domain controller, a domain member or just a workgroup.
>
> If i have a choice, what is the best in term of security ?
If your machine is isolated from your LAN (which is what I think you are
saying above) then its not possible to configure it to be a domain member -
it can't contact a domain so it can't be a member of one.
If your machine is standing by itself it really doesn't matter what you set
it to be out of the remaining choices from a security point of view. Domain
controller is a bad choice for a secure internet machine generally, because
if an intruder breaks into a domain controller they have in effect broken
into the whole domain, and maybe your whole forest. But if the machine is
isolated from your network this normal restriction does not apply.
Being a standalone (workgroup) machine carries less performance overhead
than running domain controller tasks so logically setting the machine up in
it's own workgroup would be your best choice.
If you were using this machine on a LAN, your choices in order of preference
from a security point of view would be: Standalone workgroup machine, domain
member, and domain controller would be a very bad 3rd choice which you
should only use if you absolutely have no choice.
-- -- Robert Moir, Microsoft Windows MVP To search the MS Knowledge base use the link below: http://support.microsoft.com/support/search/c.asp?PSL=1 My Homepage - http://www.robertmoir.co.uk ** Emailed questions will not be answered **
- Next message: Karl Levinson [x y] mvp: "Re: How ti configure a web server ?"
- Previous message: Peter Yang [MSFT]: "RE: How to uninstall Security Patches"
- In reply to: GN: "How ti configure a web server ?"
- Next in thread: Karl Levinson [x y] mvp: "Re: How ti configure a web server ?"
- Reply: Karl Levinson [x y] mvp: "Re: How ti configure a web server ?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
