What type of security problems are mitigated by this .NET architecture?
Posted
by Jonno
on Server Fault
See other posts from Server Fault
or by Jonno
Published on 2010-06-16T12:54:23Z
Indexed on
2010/06/16
13:13 UTC
Read the original article
Hit count: 240
Given the following physical layout for a .NET web application:
DB (sql server, windows) - No public route (no table access, only stored procs)
Web Service DAL (iis, windows) - No public route (can be accessed by web server via port 80 and 443)
Web Server (iis, windows) - Public route (only via port 80 and 443)
What type(s) / examples of attack could be used to compromise the public web server but would be blocked by the Web Service DAL? i.e. can you think of concrete attack types that the DAL stops?
Please note, I am interested only in the security aspect, not scaling / fault tolerance / performance / etc.
In my mind if the web server has been compromised using an attack over port 80/443, then the same attack would work over port 80/443 to the Web Service DAL box.
© Server Fault or respective owner