From: Deus, Attonbitus (Thor@HammerofGod.com)
Date: Wed Jun 26 2002 - 10:34:18 EDT
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
At 08:50 AM 6/25/2002, Andrews, Ryan wrote:
>Here's a question for those conducting pen tests against reverse proxies:
>what are your opinions of reverse proxies?
Hey Ryan-
Reverse Proxy (or server publishing) can be a double-edged sword... The
obvious benefit is that you can have one box on the hostile network that is
hardened to spec, but that can publish to several internal boxes on the
service ports you want. From the network standpoint, it can cut way down
on administration.
However, if someone finds a hole in your application, they can gain access
to the internal network. As long as you know the risks and plan for them,
publishing can be an important security measure.
hth
AD
-----BEGIN PGP SIGNATURE-----
Version: PGP 7.1
iQA/AwUBPRnQ6ohsmyD15h5gEQL5gQCggfrJ6h21W9ROWxRhcLBKs3ZkwOMAn2Kt
cu5+b0ngGPfJbPIcPzvfeL8R
=e4J+
-----END PGP SIGNATURE-----
----------------------------------------------------------------------------
This list is provided by the SecurityFocus Security Intelligence Alert (SIA)
Service. For more information on SecurityFocus' SIA service which
automatically alerts you to the latest security vulnerabilities please see:
https://alerts.securityfocus.com/
This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:53:22 EDT