Nmap Security Scanner
*Intro
*Ref Guide
*Install Guide
*Download
*Changelog
*Book
*Docs
Security Lists
*Nmap Hackers
*Nmap Dev
*Bugtraq
*Full Disclosure
*Pen Test
*Basics
*More
Security Tools
*Pass crackers
*Sniffers
*Vuln Scanners
*Web scanners
*Wireless
*Exploitation
*Packet crafters
*More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:

basics logo Security Basics mailing list archives

Re: Access Internal and External Networks
From: alias () securityfocus com
Date: Mon, 22 Sep 2003 14:39:35 +0300
IMHO, and given these choices, go for 2. For the first choice, you should at 
best build a firewall for every machine individually, which is a trouble by 
itself. Moreover, you do not create a chokepoint or single point of failure 
that is generally considered a good idea when building firewalls. Finally, 
properly setting up the machine that will do the DNATing, you will have more 
control over what goes to the servers and what not.

just my 0.02

CG

On Friday 19 September 2003 01:42, william () orlitech com au wrote:

I have a need for some servers to access both the external network and the
internal network and am wondering which approach would be best:

1. 2 NIC's in each server one connected to the external network and one
connected to the internal network

2. 1 NIC in each server connected to the internal network and DNAT the
required ports from the external address to the internal address

Thanks

William



____________________________________________________________________
http://www.freemail.gr - ������ �������� ������������ ������������.
http://www.freemail.gr - free email service for the Greek-speaking.

---------------------------------------------------------------------------
----------------------------------------------------------------------------

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]