TCLUG Archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

firewalls and Web servers



Hi everyone,

Chances are good that I'll be updated the Web server at Sibley this summer.
It's a good think too because the dynamically generated Zope pages put a
fairly big load on the puny little box that we're using now.

Here's a quick review of our setup:

Our entire network (except for the Web server) sits behind a Novell
BorderManager firewall/Web proxy/Groupwise email server. We use a 10.0.0.0
system for all internal IPs. I need to Web server to run Apache (obviously),
Zope, PostgreSQL, ftp (probably Pro-ftpd or maybe Beroftpd), and an MTA
(probably Postfix). Currently, the Web server sits in the DMZ between the
firewall and our router.

So, should I...

1. Stick with the current system, relying on built-in Linux security to
repel attacks.

2. Put the Web server behind the Novell firewall.

3. Keep the Web server in the DMZ and install an OpenBSD firewall just for
the Web server.

Any thoughts or recommendations?

-Tim

--
Tim Wilson      | Visit Sibley online:         | Check out:
Henry Sibley HS | http://www.isd197.k12.mn.us/ | http://www.zope.org/
W. St. Paul, MN |                              | http://slashdot.org/
wilson@visi.com |   <dtml-var pithy_quote>     | http://linux.com/