Problem solve Get help with specific problems with your technologies, process and projects.

Using an NT server as an Internet gateway

I would like to know if it's a good idea to put an NT server (primary domain controller) as an Internet gateway...

(with a proxy like Wingate)? Or is it more prudent to use a workstation on the LAN for this job?

I would definately avoid using my PDC as an Internet gateway. There is a great deal of danger in doing so! There is a huge amount of functionality on the box for an attacker to compromise. If they do take over the machine, you lose in all sorts of ways -- the attacker has complete access to your systems from the Internet and can pose as any user! Yikes!

I would use a minimal install of Windows workstation as my Internet gateway. Don't just use one on the LAN; use it as a true dual-homed gateway separating your LAN from the Internet. Wingate is a fine tool to use for filtering on such a machine in a small environment (5 to 25 machines); I've used it in many small networks.

For more information on this topic, visit these other SearchSecurity.com resources:
Best Web Links: Infrastructure & Network Security
WhatIs.com Definition: Wingate

This was last published in August 2002

Dig Deeper on Web application and API security best practices

Have a question for an expert?

Please add a title for your question

Get answers from a TechTarget expert on whatever's puzzling you.

You will be able to add details on the next page.

Start the conversation

Send me notifications when other members comment.

By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

Please create a username to comment.