getting to www servers from inside where they have an Internal IP
Monty J. Harder
mjharder at gmail.com
Mon Jan 30 09:59:25 CST 2006
On 1/30/06, Jeremy Fowler <JFowler at westrope.com> wrote:
>
> Well, I think the only security reason to run an http server on a port
> other than 80 is to hide it from the general public. Port scanners can get
> around this hurdle quite easily though. Plus, the fact that you SNAT port 80
> to that
"Security through obscurity" isn't. The obscurity just makes it difficult
for you to administer it. Put the stupid thing on port 80, do the split DNS
that serves the internal IP to the internal machines, and if the internal IP
must be changed, change it in DNS. What's the big deal?
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://kclug.org/pipermail/kclug/attachments/20060130/3f261463/attachment.htm
More information about the Kclug
mailing list