Re: Experiences using SBS2003 as web server??

From: Russ (russ_at_nospamrussellgrover.com)
Date: 03/12/04 

Date: Fri, 12 Mar 2004 07:57:11 -0800

Ok Not knowing exactly what you are doing I'm taking a shot in the dark let
me see if this sounds good.

Run Smoothwall Firewall. (Free at www.smoothwall.org)
Put Three Network Cards in it.

Open DMZ to your Webserver (Red Hat)
Use that to connect internally to your SQL server. (Then you'd be on the
100MB/sec Side of your network.)
Open an Port to From Webserver IP to SQL IP.
Keep everything else behind the firewall.
Then you have control of your webserver and fast throughput to your SQL
server.
The SBS will be behind the firewall not exposed and the SQL server will be
safe..

You could also run Two Firewalls if you are really worried about security.
One before the Webserver.. Then the Redhat Server then an Internal firewall
then you net.

Does that make sense?
Russ

"Ken Doerbecker" <kdoerbecker@psipc.com> wrote in message
news:ijc3501tedgmrvtivm5cugvrdqm0mqr5c5@4ax.com...
> Russ,
>
> I've considered doing that, running the bulk of the site on an ISPs
> Apache server and using PHP scripts to send data to my internal SQL
> server. Aside from security, that addresses some bandwidth and
> reliability issues I'm also concerned with.
>
> But, wouldn't I still have to open my internal sbs server up to the
> Internet? Is my exposure really any less in that environment. I'm not
> even sure that can be done, are you?
>
> Ken
>
> On Thu, 11 Mar 2004 22:32:33 -0800, "Russ"
> <russ@nospamrussellgrover.com> wrote:
>
> >If it was me?
> >I'd load Red Hat Linux on another Server (Just for a Website.)
> >Put it in a DMZ and put stuff there that it won't matter if a hacker got
it
> >it.
> >
> >But then again, that's just me ;)
> >
> >Russ
> >
> >"Ken Doerbecker" <kdoerbecker@psipc.com> wrote in message
> >news:hud250tbcj8co76qmp8hst3iti446mjjrt@4ax.com...
> >> Anyone have any advice to give me.
> >>
> >> I'm planning on using my SBS2003 server to host some web pages with
> >> public access to them. I have differences of opinion from the MS folks
> >> as to wether or not that is a good idea. I know it is capable of doing
> >> it, question is - is it a good idea (administration, security, attack
> >> wise, etc.)
> >>
> >> Reason for doing so is that there will be data collected into an SQL
> >> database that I want to keep on my local server and use with other
> >> internal applications.
> >>
> >> Any opinions are welcome.
> >>
> >> Thanks,
> >> Ken
> >
>

Relevant Pages

  • Re: login attempts
    ... > Every day i have on my win2000 iternet server a lots of wrong login ... Windows by default allows ... You also need a firewall. ... the internet, except for those ports you know you're using. ...
    (microsoft.public.win2000.security)
  • Re: Firewall on a single NIC SBS2003 Standard edition
    ... Frank McCallister SBS MVP ... > " Well, if you're wanting to run the firewall on a single NIC, you aren't ... Don't ask the server to do *everything*, ... > internet traffic from the workstations don't have to go through the SBS. ...
    (microsoft.public.windows.server.sbs)
  • Re: Internet on nodes
    ... I stopped the Firewall in SBS and could upload ... print' from both the server and a WS. ... Was not able to connect to the internet on the WS. ...
    (microsoft.public.windows.server.sbs)
  • Re: 2 NICs Configuration Problem
    ... the server as Paul envisaged it. ... gateway (to the Internet through the NIC connected to the Sonicwall DMZ ... NICs should not have default gateways configured for both. ... DMZ ports of any firewall, is an alternative path that cause great ...
    (microsoft.public.windows.server.networking)
  • Re: Collection of email
    ... server 2003), and FTP support, and a few other things as well. ... I think you are using ISA as your firewall. ... I don't think you have that option, though is your internet connection ...
    (microsoft.public.inetserver.iis.smtp_nntp)