Mailinglist Archive: opensuse-security (757 mails)

< Previous Next >
AW: [suse-security] How many firewalls?
  • From: Peer Stefan <stefan.peer@xxxxxxxx>
  • Date: Wed, 16 Jan 2002 08:59:34 +0100
  • Message-id: <3559BA35534FD511A1200002557C39B0AFBA@xxxxxxxxxxxxxxxxxxxxx>
Hi Max,

There is no "this is the best solution", it depends on what kind of services
you're running in the DMZ. If it's just ftp, mail and web then it's ok to
set up a single firewall.
If you want to run Samba, NFS and other more complex services I would
suggest your first solution with 2 firewalls because of configuration
errors. It's not automatically safer because of the 2 firewalls, but it will
prevent potential administrative errors (like setting the wrong rules to the
wrong nic ...)
Try to set up a sample configuration and scan all the firewall's ports (from
all networks) and decide for yourself.

cheers,
Stefan


-----Urspr√ľngliche Nachricht-----
Von: Max Lindner [mailto:ml@xxxxxxx]
Gesendet: Dienstag, 15. Jänner 2002 20:30
An: suse-security@xxxxxxxx
Betreff: [suse-security] How many firewalls?


Hi!

I want to set a up a DMZ in my school.
The only thing I want to know, is:

- Internet -> HARDWARE-ROUTER -> FW -> DMZ -> FW -> Intranet

or

- Internet
|
|
Hardware-Router
|
|
|
FW
DMZ _______/\______Intranet

(I hope, this ascii art is good enough... :-/)

Our school has no good connection and low traffic but this is for a
skilled work (the german term is 'Facharbeit') and so I want a really
secure thing (no, I won't cut the cable ;-D).

Any comments or proposals?

Thanks,
Max



--
To unsubscribe, e-mail: suse-security-unsubscribe@xxxxxxxx
For additional commands, e-mail: suse-security-help@xxxxxxxx

< Previous Next >
This Thread
  • No further messages