[ale] Netgear wireless router as hub

Geoffrey esoteric at 3times25.net
Mon Mar 6 08:04:57 EST 2006


H. A. Story wrote:
> 
> Geoffrey wrote:

> I was referring to the http, ssh, ftp, etc. logs from all the port 
> scans.  Maybe I should pull the book out and re-read this part.
> 
>> What is the purpose of a dmz if nothing is there???
>>
>> Typically, I have a firewall that leads to a dmz.  In that dmz you might 
>> have a webserver.  The dmz subnet does not contain any routable ips. 
>> Web requests are simply forwarded to the webserver from the firewall.
>>
>> That firewall is then connected to another firewall that sits between 
>> the dmz and the local network.  The dmz and local network have different 
>> subnets, neither of which is routable.  It's a perfectly workable solution.
>>
>>  
>>
> Doesn't that mean next to, not between, logically?
> 
>                                      /> (eth1)internal network
> Internet <-> (eth0) bastion firewall 
>                                      \> (eth2)DMZ "webserver"

To better clarify: yes, there are two NICs on the bastion. One goes to 
the dmz, the other goes to another firewall that has the internal 
network behind it.  Using your example above:

                            /> choke firewall <-> internal network
Internet <-> bastion firewall
                            \> (eth2)DMZ "webserver"


-- 
Until later, Geoffrey

War never solved anything, well, except slavery, fascism and communism
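
The bastion's side of the two-firewall layout described in this message, written as a ruleset generator; this is an added example, not part of the original post. It assumes a Linux bastion using iptables, eth0 facing the Internet, eth1 facing the choke firewall, eth2 facing the DMZ, and a constructed private address for the webserver.

```shell
#!/bin/sh
# Added example: prints an iptables-restore ruleset for the bastion firewall.
# Interface roles and the webserver address are assumptions for illustration.
WAN_IF=eth0            # Internet side
CHOKE_IF=eth1          # link to the choke firewall (internal network behind it)
DMZ_IF=eth2            # DMZ segment
WEB_IP=192.168.10.10   # constructed RFC 1918 address of the DMZ webserver

bastion_ruleset() {
cat <<EOF
*nat
:PREROUTING ACCEPT [0:0]
:POSTROUTING ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
# Web requests arriving from the Internet are forwarded to the DMZ webserver
-A PREROUTING -i $WAN_IF -p tcp --dport 80 -j DNAT --to-destination $WEB_IP:80
# The private subnets leave through the bastion's public address
-A POSTROUTING -o $WAN_IF -j MASQUERADE
COMMIT
*filter
:INPUT DROP [0:0]
:FORWARD DROP [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -i lo -j ACCEPT
-A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
-A FORWARD -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
# Internet -> DMZ: only the forwarded web traffic
-A FORWARD -i $WAN_IF -o $DMZ_IF -p tcp -d $WEB_IP --dport 80 -m conntrack --ctstate NEW -j ACCEPT
# Choke side -> Internet and DMZ: new outbound connections allowed
-A FORWARD -i $CHOKE_IF -o $WAN_IF -m conntrack --ctstate NEW -j ACCEPT
-A FORWARD -i $CHOKE_IF -o $DMZ_IF -m conntrack --ctstate NEW -j ACCEPT
# DMZ -> choke side: a webserver opening connections inward is logged, then dropped
-A FORWARD -i $DMZ_IF -o $CHOKE_IF -j LOG --log-prefix "DMZ->INT drop: "
-A FORWARD -i $DMZ_IF -o $CHOKE_IF -j DROP
COMMIT
EOF
}

# Print the ruleset; on the bastion it would be piped into iptables-restore.
bastion_ruleset
```

No rule accepts new connections toward eth1, so the choke firewall only ever sees replies to traffic the internal network started.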


