Snort mailing list archives
Request for Reverse Proxy Guidance
From: Jason Wallace <jason.r.wallace () gmail com>
Date: Wed, 31 Mar 2010 09:29:54 -0400
Howdy all, I'm looking for some IDS best practice guidance when dealing with a reverse proxy. We have a new application being deployed that needs to be assessable from the Internet via a web interface but also needs to authenticate to AD. To date we do not pass the Windows auth ports from our DMZ to our internal network and I would like to keep it that way. To me that means we probably need to proxy the web traffic from our DMZ to the new system hosted on the inside. If I monitor in front of the proxy I'll see the original Internet src address, with a dest of the proxy, and the original http request. If I monitor behind the proxy I'll see the src as the proxy, the dest as the internal server, and the proxyed http request. If you could only monitor either in front or behind...which would you do? I'm new to reverse proxies so if I'm missing something obvious, please feel free to point this out! Thx, Wally ------------------------------------------------------------------------------ Download Intel® Parallel Studio Eval Try the new software tools for yourself. Speed compiling, find bugs proactively, and fine-tune applications for parallel performance. See why Intel Parallel Studio got high marks during beta. http://p.sf.net/sfu/intel-sw-dev _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users
Current thread:
- Request for Reverse Proxy Guidance Jason Wallace (Mar 31)
- Re: Request for Reverse Proxy Guidance Will Metcalf (Mar 31)