Nmap Security Scanner
*Intro
*Ref Guide
*Install Guide
*Download
*Changelog
*Book
*Docs
Security Lists
*Nmap Hackers
*Nmap Dev
*Bugtraq
*Full Disclosure
*Pen Test
*Basics
*More
Security Tools
*Pass crackers
*Sniffers
*Vuln Scanners
*Web scanners
*Wireless
*Exploitation
*Packet crafters
*More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:

basics logo Security Basics mailing list archives

RES: DMZ design
From: Flávio Pareira <fpereirabr () yahoo com br>
Date: Sun, 31 Aug 2003 14:46:34 -0300

        In my company I use this scheme:

        _________                 ______        
     |     |  _ _ _  |      |
        FireWall        _ _ _   Router  >> Internet
     |_________|                 |______|
        |       |
        |       |
        |       |
  Office LAN  |                         
              |
             DMZ (Development)


        And in this structure I just setup the FW to provide the better
security possible, restrict access to internet from DMZ (in and out),
DMZ cannot access the Office LAN (nothing) and from Office LAN just the
necessary access to the internet (e-mail, http and any other port access
really necessary).

        I hope to be help you!!!

Flávio Pereira
fpereirabr () yahoo com br  
flavio_it () hotmail com (MSN)
ICQ: 62382441
 


-----Mensagem original-----
De: me null [mailto:me_null () hotmail com] 
Enviada em: quarta-feira, 27 de agosto de 2003 02:29
Para: security-basics () securityfocus com
Assunto: DMZ design


Hello i was hoping someone could answer a couple questions i had bout
DMZ 
design. Speeking from a serurity stand point is it best to have ur DMZ
and 
Internal Network seperated by a router (option 1) or is it better to
have ur 
Internal Net. connect to the internet through the DMZ (option2) all help
is 
appracated thx

option 1     internet
                     |
       DMZ --- router ---- Network

option 2  internet -- DMZ --- Network

_________________________________________________________________
Get MSN 8 and enjoy automatic e-mail virus protection.   
http://join.msn.com/?page=features/virus


------------------------------------------------------------------------
---
Attend Black Hat Briefings & Training Federal, September 29-30
(Training), 
October 1-2 (Briefings) in Tysons Corner, VA; the world's premier 
technical IT security event.  Modeled after the famous Black Hat event
in 
Las Vegas! 6 tracks, 12 training sessions, top speakers and sponsors.  
Symantec is the Diamond sponsor.  Early-bird registration ends September
6.Visit us: www.blackhat.com
------------------------------------------------------------------------
----


---------------------------------------------------------------------------
Attend Black Hat Briefings & Training Federal, September 29-30 (Training),
October 1-2 (Briefings) in Tysons Corner, VA; the world's premier
technical IT security event.  Modeled after the famous Black Hat event in
Las Vegas! 6 tracks, 12 training sessions, top speakers and sponsors.
Symantec is the Diamond sponsor.  Early-bird registration ends September 6.Visit us: www.blackhat.com
----------------------------------------------------------------------------

  By Date           By Thread  

Current thread:
  • RES: DMZ design Flávio Pareira (Sep 02)
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]