Need suggestions for demo'ing client work securely
Tom Metro
blu at vl.com
Mon Nov 14 13:07:10 EST 2005
kirblam at comcast.net wrote:
> ...I'm looking for suggestions for demo'ing client work that's more
> secure than simply opening up port 80. And I'd like to assume that there
> could be more than one client in the future so it should be something
> that could be repeated "n" times.
The simplest and most secure (with respect to your LAN) solution is to
simply outsource this problem and purchase web hosting services. See the
recent thread on web hosting providers.
> I have a Suse 9.3 box running behind a Linksys WRT54GS. My ISP is Comcast.
> My skills are mainly web development (12 years) not administration...
If you do go for an "in-house" solution, I wouldn't recommend a VPN for
accessing a site that will be used as a demo or staging site for
multiple clients. The overhead of installing VPN software and getting it
working will inconvenience your clients.
SSL, as Derek Atkins suggested, is probably the next step in the right
direction.
Better yet, upgrade your Linksys WRT54GS to a higher-end router that
supports a real DMZ, place your Suse box into the DMZ and dedicate it to
web hosting (i.e. remove any sensitive information, such as mail
archives, from the machine). Install a software firewall on the machine,
run intrusion detection software, and keep it current with patches.
If you want to be more adventurous, install OpenWRT on your Linksys
WRT54GS, and save the cost of upgrading to another router.
-Tom
--
Tom Metro
Venture Logic, Newton, MA, USA
"Enterprise solutions through open source."
Professional Profile: http://tmetro.venturelogic.com/
More information about the Discuss
mailing list