Penetration Testing mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Pen test - Attorney client Privilege?

From: "ma.teo" <ma.teo () adinet com uy>
Date: Wed, 19 Oct 2005 17:38:03 -0300
Hey guys...
I´ve a doubt about the communication between a Data Base and a web server (e.g SQL and IIS) in a firewall environment. I know that is more secure to have separate it, one in a firewall zone (LAN) and other in the other firewall zone (DMZ), the question is: Which are the most secure method to establish a communication between this two appications?, because i can't believe that to open a connection from DMZ to LAN are a good idea. 
How is the connection?, and which are the direction???

Thx a lot.
loop.-




------------------------------------------------------------------------------
Audit your website security with Acunetix Web Vulnerability Scanner: Hackers are concentrating their efforts on attacking applications on your website. Up to 75% of cyber attacks are launched on shopping carts, forms, login pages, dynamic content etc. Firewalls, SSL and locked-down servers are futile against web application hacking. Check your website for vulnerabilities to SQL injection, Cross site scripting and other web attacks before hackers do! Download Trial at: 

http://www.securityfocus.com/sponsor/pen-test_050831
-------------------------------------------------------------------------------
Previous By Date Next
Previous By Thread Next

Current thread: