Solved

Windows 2000 Server - Access ASP Application that sits behind firewall

Posted on 2004-10-21
141 Views
Last Modified: 2013-12-04
Have a Win 2000 Server running IIS on a private LAN. Our company has a custom made ASP timekeeping application that allows to people enter employee work hours and the project number they worked on for the previous day. There is really no sensitive information used with this app. The employee numbers are not the SSN and the pay rates are not available. What are the security risks of mapping all the http requests to the server so that people could enter time remotely from outside the private LAN. We use NAT on our LAN. The server is 192.168.1.2 with the firewall/gateway being 192.168.1.1 (I don't know a lot about networking).

Thanks, very curious
0
Question by:cshorey
    2 Comments
     
    LVL 8

    Accepted Solution

    by:
    Many a web server is configured that way. For added protection, you can have NTFS permissions set on the web server folders so that stray people cant get in but that would cause the user to have the authenticate into the server and then authenticate into the software.

    Anytime you allow access, you open potential security holes. Make sure you keep the system up-to-date with all patches to keep it as secure as possible.
    0
     

    Author Comment

    by:cshorey
    Thanks, changing permissions sound like a good idea with mild inconvenience to users.
    0

    Write Comment

    Please enter a first name

    Please enter a last name

    We will never share this with anyone.

    Featured Post

    Cisco Complete Network Certification Training

    If you’re an IT engineer or technician, it's time you take your career to the next level. This elite training bundle is brimming with all of the information you need to learn to sit for Cisco CNNA, CCNP, and CCENT certification exams.

    Users of Windows 10 Professional can disable automatic reboots using the policy editor. This tool is not included in the Windows home edition. But don't worry! Follow the instructions below to install (a Win7) policy editor on your Windows 10 Home e…
    As a Mac user and former AppleCare AHA & Senior Advisor, I'm constantly bombarded with questions about Macs and if they need Antivirus. This short article is my response to those questions.
    In this sixth video of the Xpdf series, we discuss and demonstrate the PDFtoPNG utility, which converts a multi-page PDF file to separate color, grayscale, or monochrome PNG files, creating one PNG file for each page in the PDF. It does this via a c…
    Sending a Secure fax is easy with eFax Corporate (http://www.enterprise.efax.com). First, Just open a new email message.  In the To field, type your recipient's fax number @efaxsend.com. You can even send a secure international fax — just include t…

    884 members asked questions and received personalized solutions in the past 7 days.

    Join the community of 500,000 technology professionals and ask your questions.

    Join & Ask a Question

    Need Help in Real-Time?

    Connect with top rated Experts

    21 Experts available now in Live!

    Get 1:1 Help Now