I recently put a server with Oracle Db behind a FW. NAT is used for LAN
users to get services from the server, while its ip is in different
subnet with LAN. Ports opened are only limited to ftp, telnet, oracle,
ping, and sendmail. Only connection to outside world for this server is
through sqlnet, and it can send emails but not receive emails.
I am challenged by some top gun with question of "can this server
be seen while someone hack into LAN".
I believed it is secured:
1) it uses different subnet and uses NAT
2) its services are limited and only those ports are open
3) user accounts are already there.
I really want to hear different views to help me sort things out.