My Linux box is my firewall, and I don't like having a database sitting on the firewall. MySQL has a history of security issues, and I keep A LOT of sensitive data in my database, so I don't like it being in the DMZ. The firewall would keep out most common exploits, but I still think it's a good idea for a few different reasons.
If I had a separate Linux box to act as a database server, I'd put it there, but my Windows box is actually a pretty good choice. Fast processor, a lot of memory, few running processes on it, and it's only accessible when you are ON the Linux server, or from localhost. Plus, very few of my programs that are hitting it are high load anyway, so I'm not really worried about performance issues.