RE: Which Firewall solutions

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



You put information systems in the DMZ that are meant to openly
accessible to an unprotected network such as the Internet. Example: www,
e-mail, ftp.

The purpose of the DMZ is to create a segregated network and having
those systems with the most exposure by themselves. If a "hacker" breaks
into your www server you have a better chance of the person not being
able to adulterate the rest of your network since logically it shouldn't
have any ties with your DMZ segment.

James Williams
Network Systems Engineer

-----Original Message-----
From: shrike-list-admin@xxxxxxxxxx [mailto:shrike-list-admin@xxxxxxxxxx]
On Behalf Of Buck
Sent: Monday, October 06, 2003 8:19 AM
To: shrike-list@xxxxxxxxxx
Subject: RE: Which Firewall solutions


I am a bit new to Linux, but for the last three years DMZ on a firewall
has represented an open, unprotected address.

I sometimes set the DMZ to my computer which has a software firewall so
I can do things normally blocked by the firewall.  This isn't some fluke
as I have used three hardware firewalls and all agree.  Also, the book
"Red Hat Internet Server" talks about the DMZ and in its description and
drawing it agrees.  The DMZ is an unprotected area of the network.  The
diagram used shows the internet, the DMZ and then the firewall.  The web
server and email server were in the DMZ and the network file server and
workstations were all protected by the firewall.  In several cases, I
found the authors puzzled as to how it was named after the DMZ war zone
when it appears to have the opposite meaning from the Viet Nam and Korea
wars.

In everything I have read and used, the last place to put a server is in
the DMZ. 

Buck

-----Original Message-----
From: shrike-list-admin@xxxxxxxxxx [mailto:shrike-list-admin@xxxxxxxxxx]
On Behalf Of Rodolfo J. Paiz
Sent: Monday, October 06, 2003 5:24 AM
To: shrike-list@xxxxxxxxxx
Subject: RE: Which Firewall solutions



DMZ is "demilitarized zone," a term IIRC created in the Vietnam War.
Means 
an area where neither side goes freely and all traffic is watched. You 
generally put servers in there, so NOTHING comes into your internal
network 
and it is easier to secure: both your internal clients and the people
out 
on the Internet connect to servers in the DMZ. The DMZ servers, in turn,
do 
not need free access to the Internet so you can lock them down more 
tightly, another improvement to security. This is the way I see it,
anyway; 
it's not a texboot definition.


-- 
Rodolfo J. Paiz
rpaiz@xxxxxxxxxxxxxx


-- 
Shrike-list mailing list
Shrike-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/shrike-list





-- 
Shrike-list mailing list
Shrike-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/shrike-list


-- 
Shrike-list mailing list
Shrike-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/shrike-list

[Index of Archives]     [Fedora Users]     [Centos Users]     [Kernel Development]     [Red Hat Install]     [Red Hat Watch]     [Red Hat Development]     [Red Hat Phoebe Beta]     [Yosemite Forum]     [Fedora Discussion]     [Gimp]     [Stuff]     [Yosemite News]

  Powered by Linux