Home page logo
/

basics logo Security Basics mailing list archives

Re: Question about dmz security
From: "Chris Berry" <compjma () hotmail com>
Date: Fri, 14 Feb 2003 15:46:42 -0800

From: "Jennifer Fountain" <JFountain () rbinc com>
I need an opinion on a current design implementation in place.  We have
an ftp server sitting in our dmz.  This box has two nics - one is
plugged into the dmz hub and one is plugged into our network.  I think
this is a security risk and we should just allow internal users access
to the box via the firewall by opening the port instead of having dual
nics.  they do not see a security risk. maybe i am just too new at this
and need some education.  what is the "best" way to implement this
configuration?

If you have a nic from the dmz connected to your internal network it completely bypasses your firewall, which is usually considered a "bad thing" as it negates your security precautions.

Chris Berry
compjma () hotmail com
Systems Administrator
JM Associates

"Quick, easy, or cheap; pick any two."

_________________________________________________________________
STOP MORE SPAM with the new MSN 8 and get 2 months FREE* http://join.msn.com/?page=features/junkmail


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]