WebApp Sec mailing list archives
Re: Reverse Proxy Server?
From: Bob Lee <crazybob () crazybob org>
Date: Wed, 28 May 2003 08:45:13 -0500
On Tuesday, May 27, 2003, at 06:25 PM, Don Felgar wrote:
Not true. Granting a small set of IP's access to your server nearly nullifies the possibility of a portscanner discovering a vulnerability in your server. It is much safer than not doing so. That is not to say that you should forego passwords and encryption, if that's what you meant. It may or may not be scalable, depending on your situation. NAT may not be a problem if you are granting access to an entire organization. Dynamic IP's are usually within a narrow range, so easily handled. Also ARP poisoning is an extra hurdle that the determined cracker has to get around. You should limit IP access to all services where it's practical. --Don
100% right. I read it too fast and missed that this was in addition to other authentication methods.
Bob
Current thread:
- Reverse Proxy Server? Dean Thompson (May 27)
- Re: Reverse Proxy Server? Bob Lee (May 27)
- Re: Reverse Proxy Server? Stig Palmquist (May 27)
- Re: Reverse Proxy Server? Don Felgar (May 27)
- Re: Reverse Proxy Server? Bob Lee (May 27)
- Re: Reverse Proxy Server? Don Felgar (May 28)
- Re: Reverse Proxy Server? Bob Lee (May 28)
- Re: Reverse Proxy Server? Bob Lee (May 27)
- Re: Reverse Proxy Server? Dean Thompson (May 28)
- <Possible follow-ups>
- RE: Reverse Proxy Server? Dawes, Rogan (ZA - Johannesburg) (May 27)
- RE: Reverse Proxy Server? Aaron Goldsmid (May 27)
- Re: Reverse Proxy Server? Neil Kohl (May 27)
- RE: Reverse Proxy Server? Harry Chemin (May 27)