Is NAT can provide some kind of protection?

• Previous message (by thread): Is NAT can provide some kind of protection?
• Next message (by thread): Is NAT can provide some kind of protection?
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On 1/13/2011 11:56 AM, William Herrin wrote:

> So all the folks who use reverse proxies like an http accellerator are wrong?
>
>

They have their purpose. However, depending on the security rating of 
the accelerator versus the security rating of the backend server will 
depend on the negative or positive effect it has on overall security.

1) If backend server has low security rating and proxy also serves to 
protect backend server flaws, then the proxy has a positive security rating.

2) If backend server is similar or better security rating than the 
proxy, then the proxy server has a negative security rating, as it has 
introduced a second application in the channel which can possibly be 
exploited. ie, you have to worry about backend server security as well 
as the proxy security, and exploiting either can possibly compromise 
security for both.


Jack

• Previous message (by thread): Is NAT can provide some kind of protection?
• Next message (by thread): Is NAT can provide some kind of protection?
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]