web to db access [was RE: ]

["Mark Evans (DSLWLQ)" <MARKE () datacom co nz>]

Rick Horne wrote:
> I'm looking for information on the best way to allow our
> web server to access an internal database.  We are
> beginning an Internet commerce site.  I've heard of
> several techniques:

[snip]

> Thanks in advance for any comments, info, or pointers to
> where I can find some info.
> Rick

(my first post to this list)

if the web server is in a dmz (3 legged firewall) then
you could leave the rules base as it is on the firewall and
run a 2nd nic off the web server to the internal lan (or
direct to the database server via x-over cable into 2nd nic
on that db server)

you could then run _only_ a different protocol from tcp
say netbeui which is non-routable on this link.

this link _should_ be inaccessible from the outside world
since the the protocol in use is blocked at the firewall
and it's only running a non-routable protocol so it should
also be blocked at the web server.

but it should allow sql access as the odbc drivers can be
used in conjunction with named pipes

i would value the list's opinion of this suggestion

regards,

 --
me