Am I missing something subtle here? My reading of Cheswick & Bellovin left me with the
impression that a DMZ (c.f., Vietnam and Korean conflicts) looked more like this:
INTERNET
|
EXTERIOR FIREWALL
|
(DMZ)---[various servers]
|
INTERIOR FIREWALL
|
INTRANET
> here is the configuration:
>
> INTERNET
> |
> FIREWALL------DMZ----[dns,www,ftp servers]
> |
> CO. Network
>
> the DNS is in the DMZ. and this DNS is to have the
> entries for www,ftp and the firewall external IP
> address facing the internet.
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
