Practical UNIX & Internet Security

Chapter 18: WWW Security

18.7 Summary

One of the principal goals of good security management is to prevent the disclosure of privileged information. Running a WWW service implies providing information, quickly and in volume. These two ideas pose a serious conflict, especially given how recently these services and software have appeared and how rapidly they are evolving. We have no way of anticipating all the failure modes and problems these services may bring.

We strongly recommend that you consider running a WWW service on a stripped-down machine that has been specially designated for that purpose. Put the machine outside your firewall, and let the world have access to it ... and only to it.

