Koozali.org: home of the SME Server
Legacy Forums => General Discussion (Legacy) => Topic started by: Lazo on April 17, 2002, 08:03:15 PM
-
What is a DMZ and can I set one?? Thanks!!
-
A DMZ is a Demiliterized zone. Which is when you have a firewall in the beguinning of your network then your web server and any other "less secure" components of your network (eg. Wireless access point). Then a firewall behind the web server. Isolating your web server from the rest of your network.
hope this helps :0)
-
In an attempt to illustrate this, here's a bit of ascii art:
O--|--O--|--O
A B C
Each | is a firewall.
A is the internet gateway to the rest of the world.
B is/are the DMZ server(s)
C is the internal network.
The idea is that all publicly accessable web services are provided by machine B and all the important stuff is kept on the internal LAN (in or around Machine C).
If somebody hacks their way into B then they still can't access the internal LAN due to the extra firewall between B & C.
The easiest way to impliment this with e-smith ,that I can think of', is to have two E-smith boxes like so:
A is your ISP.
One SME takes the part of B in the picture above with the only machine on its internal LAN being machine C.
Machine C is your second SME server and its connects to your local LAN (as per 'normal').
Regards,
Luke
-
Often its achived by using one firewall with 3 or more NICs and configuring rules between the interfaces.
Example: smoothwall (RED, GREEN, ORANGE interfaces).
-
Smoothwall...Now I'm trully scared :)
-
Thanks for the info!!
-
what is a black eye and how do i get one???
I just love these qustions...