[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [suse-security] place for db-server
Imho, since it is used both internally and externally, then it ought to be in
the DMZ. It can be a potential source of compromsie from external sources if
placed on the internal network.
I am not sure about the right place for our database server.
We have an external and an internal firewall (SuSE 9.0) with a DMZ.
The application server is used for internal and external
work. It needs a database server on its own machine. Should I
take it in the DMZ or in the internal network? What is the
(security related) best decision?
This is a tough one. You have to open up a hole to the private net
either way, leaving a possible vulnerbility. Placing it in the dmz is
likely the best solution as noted. Just be sure to lock down the
pinhole to the internal network. Possibly have a single machine on the
internal proxy the requests on behalf of all the internal net machines.
Until later, Geoffrey Registered Linux User #108567
Building secure systems in spite of Microsoft
Check the headers for your unsubscription address
For additional commands, e-mail: suse-security-help@xxxxxxxx
Security-related bug reports go to security@xxxxxxx, not here