Re: W2K3 domain in DMZ

From: S. Pidgorny (slavickp_at_yahoo.com)
Date: 06/15/04


Date: Tue, 15 Jun 2004 19:31:37 +1000

Hi there:

"Hairy One Kenobi" <abuse@[127.0.0.1]> wrote in message
news:Zcyzc.2$k76.0@newsfe6-win...

> Personally, I prefer a non-domain setup (don't like the prospect of having
> all machines compromised by one password, or of having a DNS in the DMZ).

Well, you are prepared to manage passwords and other stuff (patches,
security policies, etc.) on the whole heap of stand-alone hosts? You will be
changing admin and service account passwords regularly on single one of
them?

_All_ of the non-domain DMZs that I have seen "featured" same supervisor
credentials yet had more problems that domain helps to solve.

-- 
Svyatoslav Pidgorny, MVP, MCSE
-= F1 is the key =-


Relevant Pages

  • Re: WINSSH.EXE and WINSRT.EXE SQL Virus
    ... >> Mike - you indicated that a manual removal left you with a few ... | Running a Windows Update scan on them found no OS patches missing. ... oldest modality is weak passwords. ... Strong Passwords and the local administrators account also uses strong passwords. ...
    (microsoft.public.security.virus)
  • Re: SQL services do not seem to be starting
    ... >I have not installed any patches or Windows Updates since it was last ... >working on Friday, or changed any passwords. ... > I tried the manual net start and got the response: ...
    (microsoft.public.sqlserver.server)
  • Re: Exchange 2003 Front End/Back End Servers & Passwords
    ... Peter Marshall wrote: ... > end server in a DMZ to allow external access. ... > My question is can I have robust passwords for logging onto the front ...
    (microsoft.public.exchange.admin)
  • Re: securing dial-in
    ... > lead straight into the DMZ. ... > AFAIK, mgetty only relies on passwords, which in this case, I am not ... user dials in and enters a username, ...
    (comp.os.linux.security)
  • Re: Transmitting Sensitive Information between Servers
    ... servers within our DMZ. ... Passwords should never be transmitted in the clear. ... I wouldn't worry too ... much about usernames, though, as they tend to be predictible anyway. ...
    (Security-Basics)