mailing list archives
Re: Question about dmz security
From: Chuck Swiger <cswiger () mac com>
Date: Sat, 15 Feb 2003 13:11:27 -0500
Jennifer Fountain wrote:
I need an opinion on a current design implementation in place. We have
an ftp server sitting in our dmz. This box has two nics - one is
plugged into the dmz hub and one is plugged into our network. I think
this is a security risk and we should just allow internal users access
to the box via the firewall by opening the port instead of having dual
It is a security risk, yes. If an intruder gains access to the FTP
server, this dual-homed machine will also grant access to the internal
network; by going around (not through) the firewall between your DMZ and
> they do not see a security risk. maybe i am just too new at this
and need some education.
If so, there are probably worse places to begin than thinking the
situation over carefully, and then double-checking with others to see
whether you were right.
> what is the "best" way to implement this configuration?
Your suggested approach is the '"best" way', for that configuration.
However, better configurations may also be possible: in particular, if
your users can use scp (sftp, rsync, etc) to access the FTP server.
Authenticated access should be encrypted if possible.
If one's users aren't able or willing to switch, I'd even consider
setting up an internal-only FTP server which gets rsync'ed to the
anonymous FTP server in your DMZ. One could do so via cron every
minute, or one could use the internal FTP server as a staging area.
Before pushing changes live, you could do something like scan for
virusses, double-check that the archives are not corrupted, or whatever
else might be appropriate.