Educause Security Discussion mailing list archives
Re: Websites Published via MS ISA
From: Michael Behun <behun () BUFFALO EDU>
Date: Tue, 24 Apr 2007 09:35:31 -0400
From past experience, cautiously use Domain Name Servers DNS to change IP
address for a short outage. DNS Time To Live (TTL) is not followed by all ISP, and some campus name servers. I have seen hours pass before DNS cache is updated by external ISP. The effect is that during your outage a person using Cable modem would not be able reach server (old DNS cache). When your server is up, their DNS server now is pointing to the "down for service" web server. Since your ISA server is using your internal name servers, which you control, then DNS changes can be very useful. You may also want to consider using a failover setup. If X server is not available, then the ISA redirect service to backup server or "down for service" web server. This setup is nice when a server fails unexpectedly. mike behun
-----Original Message----- From: Karen Duncanson [mailto:duncans2 () OAKLAND EDU] Sent: Monday, April 23, 2007 4:31 PM To: SECURITY () LISTSERV EDUCAUSE EDU Subject: Re: [SECURITY] Websites Published via MS ISA I once used spider to spider, then ftp an entire website (4 front end servers) to a single server located elsewhere. Swung the DNS to point to the other location. We worked on the actual webservers until satisfied, then swung DNS back. No one knew there was an outage. This only works if there is no database access or other information gathering software involved. You could clearly use it to move static websites easily and temporarily. No one would realize there was an outage. ---- Original message ----Date: Mon, 23 Apr 2007 15:05:08 -0400 From: Charlie Prothero <Charlie.Prothero () KEYSTONE EDU> Subject: [SECURITY] Websites Published via MS ISA To: SECURITY () LISTSERV EDUCAUSE EDU Hi, all! I have a question/puzzle for you today. We have a number of websites published through our ISA server. We take the web servers down periodically for backup, and would like to route visitors to a notification page that provides info on system status, etc, for the duration of the backup. Has anyone figured out a clever way to do that? Thanks! - Charlie Charlie Prothero CIO Keystone College One College Green o La Plume, PA 18440 570-945-8015Karen Duncanson, CISSP, CCNA UTS/Network Security Analyst www.oakland.edu/uts 248-370-2675
Current thread:
- Websites Published via MS ISA Charlie Prothero (Apr 23)
- <Possible follow-ups>
- Re: Websites Published via MS ISA Karen Duncanson (Apr 23)
- Re: Websites Published via MS ISA Michael Behun (Apr 24)