No offense but what kind of moron develops on a production box???

..... Windows one....


The Wolf

p.s.

    Definatelly you should have DMZ for this one.

Mike have outlined it perfectly.



Joel Dudley wrote:

> I am seting up a firewall for work using the standard
> squid/ipchains/marquerade setup.  Our e-commerce servers are going to be on
> the public side of the firewall, they all run IIS on NT because our product
> is written in visual fox pro.  Now the programmers on the private side of
> the firewall are going to want to be able to map drives on the public
> servers to change data.  I told them that this is a no-no and that they
> should just use the development server I set up to make changes.  Turns out
> they wont listen to me and the boss agrees with them.  I beleive that all NT
> domain control will go out the window when I implement the firewall (if i
> set it up right), so all of the servers will reside in their own isolated
> "commerce" domain.  is there any way I can allow this wondoze freaks to map
> drives accross tis network without comprimising too much security?  maybe I
> sould just allow ftp access accross from the internal network.  Thanks for
> any ideas on this situation.
>
> - Joel
>
> _______________________________________________
> Plug-discuss mailing list  -  Plug-discuss@lists.PLUG.phoenix.az.us
> http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss

--
"The questions is not if we are paranoid,
the question is if we are paranoid enough."