[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Cfservd access through firewall - dangerous ?
|
From: |
Adrian Phillips |
|
Subject: |
Re: Cfservd access through firewall - dangerous ? |
|
Date: |
29 Apr 2002 11:47:03 +0200 |
|
User-agent: |
Gnus/5.09 (Gnus v5.9.0) Emacs/21.2 |
>>>>> "Adrian" == Adrian Phillips <a.phillips@dnmi.no> writes:
Adrian> I'd been thinking about how machines external to our
Adrian> firewall could have access to cfservd, and basically had
Adrian> resigned myself to skipping copy and using scp or rsync to
Adrian> copy files to them.
Adrian> Somebody posted that they open a hole/tunnel in the
Adrian> firewall to the cfservd which I thought could be a
Adrian> I suppose one solution to this concern is to mirror the
Adrian> cfengine setup to an external cfengine server.
Actually, one suggestion from the director was to mirror to another
internal machine, our internal machines use the main server and the
firewall would tunnel to the copy. If the copy somehow gets cracked
then only our external machines would be comprimised. This could be
expanded further to have a seperate cfservd for a primary external
system and another for the backup system (most of our applications
have a primary and backup).
Sincerely,
Adrian Phillips
--
Your mouse has moved.
Windows NT must be restarted for the change to take effect.
Reboot now? [OK]
Re: Cfservd access through firewall - dangerous ?,
Adrian Phillips <=
Re: Cfservd access through firewall - dangerous ?, Mark . Burgess, 2002/04/29