Security Basics mailing list archives
RE: Question about dmz security
From: Marc Suttle <marc.suttle () anidirect com>
Date: Mon, 17 Feb 2003 11:25:43 -0600
You could have a dedicated nick on the dmz going to a dedicated nick on the internal network. However I would just recommend you disable that nick and put the traffic rules you need on the firewall for the dmz to internal. M -----Original Message----- From: David M. Fetter [mailto:dfetter () setec-astronomy biz] Sent: Friday, February 14, 2003 5:49 PM To: Jennifer Fountain Cc: security-basics () securityfocus com Subject: Re: Question about dmz security That's definitely a security risk because that system essentially bypasses your firewall altogether. You are right in your suggestion. Jennifer Fountain wrote:
I need an opinion on a current design implementation in place. We have an ftp server sitting in our dmz. This box has two nics - one is plugged into the dmz hub and one is plugged into our network. I think this is a security risk and we should just allow internal users access to the box via the firewall by opening the port instead of having dual nics. they do not see a security risk. maybe i am just too new at this and need some education. what is the "best" way to implement this configuration? Thank you Jenn Fountain
-- David M. Fetter (MegaSurge) - http://www.setec-astronomy.biz/ "The world is full of power and energy and a person can go far by just skimming off a tiny bit of it." Neal Stephenson - Snow Crash
Current thread:
- Re: Question about dmz security, (continued)
- Re: Question about dmz security Chuck Swiger (Feb 17)
- Re: Question about dmz security mlh (Feb 18)
- Re: Question about dmz security Chuck Swiger (Feb 19)
- Re: Question about dmz security mlh (Feb 18)
- RE: Question about dmz security David Gillett (Feb 19)
- Re: Question about dmz security Chris Berry (Feb 17)
- Question about dmz security John Tolmachoff (Feb 17)
- RE: Question about dmz security Daniel R. Miessler (Feb 18)
- RE: Question about dmz security Jeremy Gaddis (Feb 20)
- RE: Question about dmz security Daniel R. Miessler (Feb 18)
- Re: Question about dmz security abretten (Feb 17)
- RE: Question about dmz security Garbrecht, Frederick (Feb 17)
- RE: Question about dmz security Marc Suttle (Feb 17)
- Re: Question about dmz security Chuck Swiger (Feb 17)