WebApp Sec mailing list archives

Previous By Date Next
Previous By Thread Next

DMZ and critical data

From: "Pedro Henrique Morsch Mazzoni" <phmazzoni () gmail com>
Date: Fri, 7 Jul 2006 11:22:52 -0300
Hello,

I am doing a project of network security to a friend of mine.
We will do a back-to-back DMZ, with a external and a internat firewall.
In our project, only the web and mail servers stay in DMZ.
But the company wants to access a webbased application from the internet.
The webserver needs access to a file and a database server, but the
data on this server is critical.
My sugestion is to put a webserver in the internal network and
configure a Vpn, but it is not possible for the client.
I don´t want to put the file and database servers on the DMZ, put if I
put it on the internal network the webserver on the DMZ has to access
the server, wich compromises my security.

Any sugestions?

Pedro Mazzoni

-------------------------------------------------------------------------
Sponsored by: Watchfire

Securing a web application goes far beyond testing the application using
manual processes, or by using automated systems and tools. Watchfire's
"Web Application Security: Automated Scanning or Manual Penetration
Testing?" whitepaper examines a few vulnerability detection methods -
specifically comparing and contrasting manual penetration testing with
automated scanning tools. Download it today!

https://www.watchfire.com/securearea/whitepapers.aspx?id=701500000008Vmm
--------------------------------------------------------------------------
Previous By Date Next
Previous By Thread Next

Current thread: