Security Basics mailing list archives

RE: W2k servers in the dmz

From: "William Shepherd" <wshepherd1 () woh rr com>
Date: Wed, 8 Aug 2007 17:13:26 -0400

Hi Juan,

I would recommend against this, if you really want to harden the servers
then you must keep then separate from the rest of your domain. Adding them
to the domain will just make is easier for a hacker to gain access to your
internal network if they hack one of the servers.

Thanks

Will

-----Original Message-----
From: listbounce () securityfocus com [mailto:listbounce () securityfocus com] On
Behalf Of Juan B
Sent: Tuesday, August 07, 2007 12:58 PM
To: security basics
Subject: W2k servers in the dmz

Hi,

I have a project in which I need to rebuild 3 windows servers in the Dmz, I
am considering adding those servers to a dedicated OU in the internal 2003
domain,( to get patches from SMS in the lan, Av updates,Users can
authenticate more easier, etc...) 

Is it recommended? 
( of course those servers will be harden much more the servers in the lan).

Thanks,

Juan




       
____________________________________________________________________________
________
Moody friends. Drama queens. Your life? Nope! - their life, your story. Play
Sims Stories at Yahoo! Games.
http://sims.yahoo.com/

Current thread:

W2k servers in the dmz Juan B (Aug 08)
- RE: W2k servers in the dmz William Shepherd (Aug 10)