Allowing apache external access

snipped-for-privacy@hotmail.com wrote in news:1130171783.992684.65960 @g14g2000cwa.googlegroups.com:

Well, if you're going to use something like ZA to protect a machine that's running a WEB server on a NT based O/S being exposed to the public Internet, then why not just put it out there with nothing protecting it, because that's all you're doing and it's nothing but hack bait?

If you're using Apache as the Web server but neglect or don't know how to secure the NT based O/S, file system, registry, user accounts, possibly Apache itself for a machine that's being exposed to the public Internet, then why not just put it out there doing nothing, because the machine is nothing but *hack* bait and a jumping off point to attack other machines out there on the Internet?

If you're asking the questions above, then it's obvious you have not done your homework starting with thinking that a PFW solution is going to protect a WEB server.

Duane :)

Duane :)

The music files are all on a hard drive without an operating system (secondary drive in PC at this point). I have lots of other PC's laying around. Could I setup something "outside" the firewall, that a PC inside the firewall could reach without lowering my network's security? If not, I suppose I could setup something outside the firewall, that simply carries duplicates of the music files "inside."

John Jones, Detroit

Within the last two weeks I saw a "how-to" on setting up Apache, to allow password-protected access to read-only music files on an XP machine, through a firewall. Didn't print it out, and now I can't find it. Can you point me towards someplace I might be able to figure this setup out?

John Jones, Detroit

John Jones wrote in news: snipped-for-privacy@4ax.com:

What FW are you talking about a PFW, a NAT router or what?

Duane :)

I currently have an SMC Barricade with some kind of firewall, but given its age it probably needs to be replaced.

John Jones, Detroit

John Jones wrote in news: snipped-for-privacy@4ax.com:

Well, the only thing I can tell you is to use two routers. One as the gateway router where you could connect the share machine to it and port forward whatever ports you need forwarded to the machine. The second router would be in switch mode used as a switch and it would be configured to use one of the gateway router's static IP(s) and would be set to a different Subnet Mask than the one the gateway router is using so that machines connected to both devices couldn't access each other.

If I needed to copy files to the share machine, I would use a DVD/CD read/write device and cut a CD on a machine in the safe zone and put it into a device on the machine in what I would call the un-trusted zone. The machines using the switch will still be able to access the Internet. But machines on the switch and the machine on the gateway router would never be able to share resources or access each other.

I am sure there are other ways but that's the best I can tell you.

Duane :)