From: McCammon, Keith (Keith.McCammonEADVANCEMED.COM)
Date: Fri Apr 27 2001 - 13:49:33 CDT

    This is actually a great idea. I've set this up for a client in the past
    who wanted added measures in place in the event of a defacement. We set up
    a staging server with firewalls on both sides, and set up a scheduled job to
    run at set intervals. When the job ran, it would stop the w3svc, causing
    the content verification on the load balancing server to fail (so public
    requests would be re-routed). Then it would purge the web root and reload
    from the staging server via an FTP script. W3svc would restart, and off it
    went...

    The staging server would do the same thing at greater intervals from an
    internal data store. Pretty solid!

    -----Original Message-----
    From: Bragg Michael (npl1mcb) [mailto:npl1mcbUPS.COM]
    Sent: Thursday, April 26, 2001 4:16 PM
    To: FOCUS-MSSECURITYFOCUS.COM
    Subject: Re: Installing hotfixes

    Matt,

    ACK. However, one suggestion which I have heard tossed about is to have
    your webserver in the DMZ/"barrier reef" update its data at some preset
    interval (e.g., every hour or two hours) from a server inside the firewall.
    Set the firewall for one-way (internal -> external) data transfer, and even
    if some kidiot does deface the page, you're back to previous configuration
    in a few hours anyway. Perhaps a bit inefficient in terms of data
    duplication, but hey, a little redundancy is a good thing, right?

    Any suggestions/comments/flames/death threats you good folks have are
    welcome and encouraged...

    bg
    Michael Bragg
    United Parcel Service
    Technology Support Group
    http://www.ups.com
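
The purge-and-reload job described in the reply above, sketched in PowerShell as an added example (not the script from the post or from either author). The paths and share name are hypothetical, it pulls from a staging share with robocopy rather than the FTP script the post mentions, and it adds a hash comparison that leaves the service stopped if the reloaded content does not match staging.

```powershell
# Added example. Assumed, not from the post: the paths, the share name, and
# pulling over a file share instead of the FTP script the post used.
param(
    [string]$WebRoot     = 'D:\inetpub\wwwroot',      # hypothetical path
    [string]$StagingRoot = '\\staging01\webcontent',  # hypothetical share
    [string]$ServiceName = 'W3SVC'
)
$ErrorActionPreference = 'Stop'

function Get-ContentManifest([string]$Root) {
    # Relative path -> SHA-256 for every file under $Root (hidden files included).
    $base = (Resolve-Path -LiteralPath $Root).ProviderPath.TrimEnd('\')
    $manifest = @{}
    Get-ChildItem -LiteralPath $base -Recurse -File -Force | ForEach-Object {
        $rel = $_.FullName.Substring($base.Length).TrimStart('\')
        $manifest[$rel] = (Get-FileHash -LiteralPath $_.FullName -Algorithm SHA256).Hash
    }
    return $manifest
}

# 1. Stop IIS so the load balancer's content check fails and requests are re-routed.
Stop-Service -Name $ServiceName -Force

# 2. Purge the web root, including any file that was added or altered on the server.
Get-ChildItem -LiteralPath $WebRoot -Force | Remove-Item -Recurse -Force

# 3. Reload from staging. robocopy exit codes of 8 or higher mean a copy failure.
robocopy $StagingRoot $WebRoot /E /R:2 /W:5 /NP | Out-Null
if ($LASTEXITCODE -ge 8) {
    throw "robocopy failed with exit code $LASTEXITCODE; $ServiceName left stopped."
}

# 4. Compare the reloaded web root with staging before serving it again.
$expected = Get-ContentManifest $StagingRoot
$actual   = Get-ContentManifest $WebRoot
$mismatch = @($expected.Keys | Where-Object { $actual[$_] -ne $expected[$_] })
$extra    = @($actual.Keys   | Where-Object { -not $expected.ContainsKey($_) })
if ($mismatch.Count -gt 0 -or $extra.Count -gt 0) {
    throw "Reload did not match staging ($($mismatch.Count) mismatched, $($extra.Count) extra); $ServiceName left stopped."
}

# 5. Content verified: restart IIS so the load balancer puts the node back in rotation.
Start-Service -Name $ServiceName
```

Run it from a scheduled task at the interval you choose; any failure before step 5 leaves the service stopped, so the load balancer keeps routing around the node until someone investigates.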