[ale] Web Server -> DB question

[Jennifer Taylor]

I have a client who wishes to set up a web server on one machine with dual NICs (one outside, one inside) and place a database server on another machine that lives on the internal network.

Now, keep in mind that this client has no existing firewall set up.  Everything they do is either entirely outside or entirely inside and never the twain shall meet.  I guess they're sorta thinking of a baby DMZ here, but I'd like your thoughts on how to implement this setup in the most secure manner possible.

The goals here are to a)secure the data 
b) securely transmit data between the outside web server and the inside or DMZ db server

I'm of the opinion that they'd be better off purchasing a dedicated firewall (or setting one up on an old linux box) and placing it between the two machines, instead of using IPCHAINS on the apache box.  

Any suggestions?  Thanks in advance

Jenn
--
To unsubscribe: mail majordomo at ale.org with "unsubscribe ale" in message body.