Firewall Wizards mailing list archives

Re: Web server inside the firewall


From: Bennett Todd <bet () mordor net>
Date: Mon, 7 Dec 1998 18:59:20 -0500

I liked almost everything you wrote except:

1998-12-07-11:02:17 Kevin:
[...] A copy of the SQL data will be stuck on the outside and will be
updated via FTP from the internal DB server when the need arises. [...]

The machine that receives the data in the DMZ will be better-secured if you
were to replace FTP with ssh; ftp is a really distressing protocol to allow in
a firewall environment.

You can configure ftp send out to be safe, if the machine in question doesn't
attempt to do ftp with the outside world; but it's tricky to get right. I'd
really say using ssh is safer. And it's liable to be more convenient, too; you
can rsync over ssh, or use an ssh in a pipe, more conveniently than you can
shove data out via ftp.

One hack I love is letting the local content admins hack on an inside copy,
and having them get a separate person, not authorized to update that content,
to push it out; that person runs a script that sucks off a copy of the content
from the (version-controlled) internal repository, then reviews that private
copy, and only after approving it kicks off the command to rsync the DMZ site
back up to date, over an ssh connection only they are authorized to establish.
Make this "approver" be the same person (or short list of people) who are
authorized to issue press releases.

For SQL data, you can either rsync a static dump occasionally, or if you want
better speed you can hook up a persistent ssh pipe, and shove the transaction
stream down it to do live DB replication. Oh, besides good crypto
authentication and content security, ssh also does nice compression :-).

-Bennett
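The approver-push workflow described in the post, written out as an added example (not Bennett's script and not from the original thread). The DMZ host, user, key path and staging directory are placeholder assumptions; the approver holds the only key that can open the ssh session to the DMZ host.

```shell
#!/bin/sh
# Added example: a separate "approver" snapshots the internal content,
# reviews the changes privately, and only then rsyncs the DMZ copy over ssh.
set -eu

DMZ_HOST="${DMZ_HOST:-dmz-web.example}"          # placeholder host
DMZ_USER="${DMZ_USER:-pusher}"                    # placeholder account
DMZ_PATH="${DMZ_PATH:-/var/www/site/}"            # placeholder docroot
PUSH_KEY="${PUSH_KEY:-${HOME:-/tmp}/.ssh/dmz_push}"   # key only the approver holds
STAGE="${STAGE:-${HOME:-/tmp}/stage}"             # approver's private copy

# Take a private snapshot of the exported, version-controlled internal tree.
# The approver reviews this copy; they are not authorized to edit content.
snapshot() {   # snapshot <internal_export_dir>
    rm -rf "$STAGE/new"
    mkdir -p "$STAGE"
    cp -R "$1" "$STAGE/new"
}

# List what differs from the last approved snapshot. Returns 1 when nothing
# changed, so an idle run can never push by accident.
review() {
    mkdir -p "$STAGE/approved"
    if diff -rq "$STAGE/approved" "$STAGE/new" >"$STAGE/changes.txt"; then
        return 1
    fi
    cat "$STAGE/changes.txt"
    return 0
}

# Push the reviewed snapshot to the DMZ. BatchMode stops ssh from prompting,
# so only the approver's key can open this session.
push() {
    rsync -az --delete -e "ssh -i $PUSH_KEY -o BatchMode=yes" \
        "$STAGE/new/" "$DMZ_USER@$DMZ_HOST:$DMZ_PATH"
    rm -rf "$STAGE/approved" && mv "$STAGE/new" "$STAGE/approved"
}

# Approver's session: snapshot, look at the diff, push only on explicit "yes".
run_push() {   # run_push <internal_export_dir>
    snapshot "$1"
    review || { echo "nothing to push"; return 0; }
    printf 'Push these changes to %s? [yes/NO] ' "$DMZ_HOST"
    read -r answer
    [ "$answer" = yes ] && push
}
```

A static SQL dump can be handled the same way: export it into the internal tree and it rides along in the reviewed snapshot.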
