Windows 2000 Server - Access ASP Application that sits behind firewall

Have a Win 2000 Server running IIS on a private LAN. Our company has a custom made ASP timekeeping application that allows to people enter employee work hours and the project number they worked on for the previous day. There is really no sensitive information used with this app. The employee numbers are not the SSN and the pay rates are not available. What are the security risks of mapping all the http requests to the server so that people could enter time remotely from outside the private LAN. We use NAT on our LAN. The server is 192.168.1.2 with the firewall/gateway being 192.168.1.1 (I don't know a lot about networking).

Thanks, very curious
cshoreyAsked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

KerryGCommented:
Many a web server is configured that way. For added protection, you can have NTFS permissions set on the web server folders so that stray people cant get in but that would cause the user to have the authenticate into the server and then authenticate into the software.

Anytime you allow access, you open potential security holes. Make sure you keep the system up-to-date with all patches to keep it as secure as possible.
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
cshoreyAuthor Commented:
Thanks, changing permissions sound like a good idea with mild inconvenience to users.
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
OS Security

From novice to tech pro — start learning today.

Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.