Security question
Sasa Stupar
sasa at stupar.homelinux.net
Tue Apr 5 13:05:39 UTC 2005
--On mardi 5 avril 2005 14:35 +0200 Roger Grosswiler <roger at gwch.net> wrote:
>> Hi!
>>
>> I want to hear your opinion on the following net configurations:
>> 1. cablemodem -> router -> server in DMZ
>> -> LAN users
>> 2. cablemodem -> router/server -> LAN users
>>
>> Which one is more secure and what are the risks on each one?
>>
>> Regards,
>> Sasa--
> Sasa,
>
> a) What kind of server are we talking of?
>
> b) assuming it's a web- /mailserver, i would prefer version 1.
> Is this a SOHO-installation with a small SOHO-Router? Be careful, as many
> of them indicate a DMZ in the meaning, that they just forward all
> incoming ports to a local machine (except the request from your lan of
> course), but the server often has just his own local protection, as they
> often exclude firewalling for DMZ-Computers
>
> c) i would never use a web- or mailserver as additional router to surf.
> Advantage here: you would have the chance to install squid on it.
>
> Roger
>
Yes, it is a web/mail/samba server.
For router I am thinking to use Smoothwall with three NIC's.
Sasa
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 187 bytes
Desc: not available
Url : http://lists.fedoraproject.org/pipermail/users/attachments/20050405/15206589/attachment-0002.bin
More information about the users
mailing list