firewalls and Web servers

To: TCLUG <tclug-list@mn-linux.org>
Subject: firewalls and Web servers
From: Timothy Wilson <wilson@visi.com>
Date: Thu, 18 May 2000 12:29:00 -0500 (CDT)

Hi everyone,

Chances are good that I'll be updated the Web server at Sibley this summer.
It's a good think too because the dynamically generated Zope pages put a
fairly big load on the puny little box that we're using now.

Here's a quick review of our setup:

Our entire network (except for the Web server) sits behind a Novell
BorderManager firewall/Web proxy/Groupwise email server. We use a 10.0.0.0
system for all internal IPs. I need to Web server to run Apache (obviously),
Zope, PostgreSQL, ftp (probably Pro-ftpd or maybe Beroftpd), and an MTA
(probably Postfix). Currently, the Web server sits in the DMZ between the
firewall and our router.

So, should I...

1. Stick with the current system, relying on built-in Linux security to
repel attacks.

2. Put the Web server behind the Novell firewall.

3. Keep the Web server in the DMZ and install an OpenBSD firewall just for
the Web server.

Any thoughts or recommendations?

-Tim

--
Tim Wilson      | Visit Sibley online:         | Check out:
Henry Sibley HS | http://www.isd197.k12.mn.us/ | http://www.zope.org/
W. St. Paul, MN |                              | http://slashdot.org/
wilson@visi.com |   <dtml-var pithy_quote>     | http://linux.com/

Follow-Ups:
- Re: [TCLUG:17853] firewalls and Web servers
  - From: Ben Kochie <ben@nerp.net>
- RE: [TCLUG:17853] firewalls and Web servers
  - From: "Eric Hillman" <ehillman@cccu.com>

Prev by Date: Re: [TCLUG:17847] trying to unsubscribe....
Next by Date: Re: [TCLUG:17672] Security question
Prev by thread: Re: [TCLUG:17921] Re: Follow-up question on Samba mounting
Next by thread: RE: [TCLUG:17853] firewalls and Web servers
Index(es):
- Date
- Thread