NYCPHP Meetup

NYPHP.org

[nycphp-talk] Secure (XML-RPC) connection

Faber Fedor faber at linuxnj.com
Wed Mar 24 17:09:49 EST 2004


On Wed, Mar 24, 2004 at 04:46:17PM -0500, Daniel Convissor wrote:
> On Wed, Mar 24, 2004 at 01:51:22PM -0500, Faber Fedor wrote:
> > 
> > Nothing is open from the outside.  All traffice is initiated from the
> > inside. Like this::
> > 
> > Internal network -------firewall------ Big Bad Internet
> >                      |            |
> > Production Server----|            |------web server
> 
> Well, if the production server is never supposed to see traffic from the 
> outside world but needs contacting from inside the company, have a 
> completely separate network.  But this isn't what you're asking about.

IOW, a DMZ.

> None the less, it can be part of your solution.  Are the web server and
> production server on the same premesis?  If so, you can create a real
> private network between them.  

<head hits desk> I've spent a week trying to set up a VPN and I could
have done an RPN in an hour! Jeeez....

> Of course, this doesn't let one completely
> off the hook, since the web server can be compromised and then make
> attempts to subvert the production server.  But it's better than nothing
> if connectivity is needed between the web and production servers.

True.  That's one of the reasons I'm against it, but the suits have
other ideas. <shrug>


Thanks for all the ideas guys.  I have enough ideas and ammo that I can
move this project forward.

-- 
 
Regards,
 
Faber                     

Linux New Jersey: Open Source Solutions for New Jersey
http://www.linuxnj.com






More information about the talk mailing list