Depending on your server load, put a firewall up in front of the NT
boxes and just let www through to them.

I've been at more than one company that had public/DMZ/private
networks set up as open/limited/closed for external surfer access.


\_ I am seting up a firewall for work using the standard
\_ squid/ipchains/marquerade setup.  Our e-commerce servers are going to be on
\_ the public side of the firewall, they all run IIS on NT because our product
\_ is written in visual fox pro.  Now the programmers on the private side of
\_ the firewall are going to want to be able to map drives on the public
\_ servers to change data.  [...]

David