|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
Re: Reverse Proxy Server?
From: Bob Lee (crazybob
crazybob.org)
Date: Wed May 28 2003 - 08:45:13 CDT
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
On Tuesday, May 27, 2003, at 06:25 PM, Don Felgar wrote:
>
> Not true. Granting a small set of IP's access to your server nearly
> nullifies the possibility of a portscanner discovering a vulnerability
> in your server. It is much safer than not doing so. That is not to
> say that you should forego passwords and encryption, if that's what
> you meant.
>
> It may or may not be scalable, depending on your situation. NAT may
> not be a problem if you are granting access to an entire organization.
> Dynamic IP's are usually within a narrow range, so easily handled.
> Also ARP poisoning is an extra hurdle that the determined cracker has
> to get around.
>
> You should limit IP access to all services where it's practical.
>
> --Don
100% right. I read it too fast and missed that this was in addition to
other authentication methods.
Bob
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]