WebApp Sec mailing list archives

Re: Reverse Proxy Server?
From: Bob Lee <crazybob () crazybob org>
Date: Wed, 28 May 2003 08:45:13 -0500

On Tuesday, May 27, 2003, at 06:25 PM, Don Felgar wrote:

> Not true.  Granting a small set of IP's access to your server nearly
> nullifies the possibility of a portscanner discovering a vulnerability
> in your server.  It is much safer than not doing so.  That is not to
> say that you should forego passwords and encryption, if that's what
> you meant.
>
> It may or may not be scalable, depending on your situation.  NAT may
> not be a problem if you are granting access to an entire organization.
> Dynamic IP's are usually within a narrow range, so easily handled.
> Also ARP poisoning is an extra hurdle that the determined cracker has
> to get around.
>
> You should limit IP access to all services where it's practical.
>
> --Don

100% right. I read it too fast and missed that this was in addition to other authentication methods.

Bob

