home | O'Reilly's CD bookshelfs | FreeBSD | Linux | Cisco | Cisco Exam  


Practical UNIX & Internet Security

Practical UNIX & Internet SecuritySearch this book
Previous: 18.6 Dependence on Third Parties Chapter 18
WWW Security
Next: 19. RPC, NIS, NIS+,  and Kerberos
 

18.7 Summary

One of the principal goals of good security management is to prevent the disclosure of privileged information. Running a WWW service implies providing information, quickly and in volume. These two ideas pose a serious conflict, especially given how recently these services and software have appeared and how rapidly they are evolving. We have no way of anticipating all the failure modes and problems these services may bring.

We strongly recommend that you consider running an WWW service on a stripped-down machine that has been especially designated for that purpose. Put the machine outside your firewall, and let the world have access to it ... and only to it.


Previous: 18.6 Dependence on Third Parties Practical UNIX & Internet Security Next: 19. RPC, NIS, NIS+,  and Kerberos
18.6 Dependence on Third Parties Book Index 19. RPC, NIS, NIS+, and Kerberos