Re: HELP getting confused with DNS And Exchange
- From: "Kathy" <vbtskje@xxxxxxxxxxxxxxxx>
- Date: Wed, 5 Oct 2005 22:00:18 +0100
Unless you have tons of bandwidth, the norm is not to host your own web
server in a small business environment. If you want something with more
control than the average hosting package, the "norm" would be to go for a
dedicated server with someone like Rackspace.
Otherwise I suppose you'd put standalone (not member) servers in a DMZ for
web and one DNS and pay for a second DNS server on a different subnet
somewhere.
Just my 2p
Kathy
"Rick" <Rick@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
news:D66F710E-0261-4FCE-8F13-48EAE73BCAF5@xxxxxxxxxxxxxxxx
> "Leythos" wrote:
> > It's actually simple, and it's also part of security norms if you care
> > about them.
>
> If I care about them? I'm ASKING about them. Of course I care about
them.
>
> OK, good point on having a public web site on the system with user
> information.
>
> However it seems to me that the marketing position of SBS is inconsistent
> with the best practices for it's implementation. I'm just griping about
that.
>
> As I wrote before, I just put up a second server for my databases to get
> them off of the SBS. All I do have on the SBS anymore is the user
> information, Exchange, and the deployed COPY of the web site.
>
> So, I guess what I'm searching for is the best practice (or norm) for
> putting up a web server in such a small environment. My web server must
have
> connectivity to my database server. Is the "norm" simply that I should
put
> up another server that does IIS only and NAT 80/443 from the firewall to
the
> new web server? If that's the answer, I will be glad to have an answer.
>
> If that's not the answer, can you please explain what is the safe way to
> host your own web server in a small SBS environment?
>
> Thanks,
> -Rick
>
>
> > Hosting a website on your server, the one that contains your users
> > information, your company data, your personal information, anything you
> > don=3Ft want exposed to the world, is a bad idea - why? Well, count how
> > many web servers get compromised, count how many people misconfigured
> > them (not counting sbs itself), count how many people use weak
> > passwords, count how many people install SBS behind a NAT router instead
> > of a firewall, count how many people don=3Ft know how to harden an
exposed
> > box.....
> >
> > It=3Fs not about it being Windows, heck, we=3Fve got about 40 IIS web
> > servers exposed across the USA and India and have never had one hacked,
> > but we=3Fre also not about to put them in our LAN or expose our LAN
> > systems to them.
> >
> > If you have taken the time to look at your firewall logs, you have one
> > right?, you would see thousands of hack attempts each day - and once
> > they find a hole in the system they have your ENTIRE server.
> >
> > I=3Fve seen computers (2000/XP and servers 2000/2003) compromised in
under
> > 2 hours when they were put online exposing IIS to the public internet
> > without being properly configured.....
> >
> > Do you really want to risk this?
> >
> > --
> >
> > spam999free@xxxxxxxxxx
> > remove 999 in order to email me
> >
.
- Follow-Ups:
- Prev by Date: ghost a drive on the server with 10.0
- Next by Date: restore?
- Previous by thread: ghost a drive on the server with 10.0
- Next by thread: Re: HELP getting confused with DNS And Exchange
- Index(es):
Relevant Pages
|
