On Wednesday 11 December 2002 10:11 pm, Mark M. Barrios wrote:
> since you are using a private ip block on your network you dont need to
> block ports to your network because your ips are nonroutable to the
> outside, meaning they cant be seen or accessed from the outside/internet
no, i'm also using a DMZ. that means that one of my boxes inside the
private network is visible to the outside world because any originating
requests from out there are automatically routed by the NAT router to
the DMZ box (normally originating requests from external clients are
dropped by the router since it doesn't know which internal host to forward
it to, unless i also have port forwarding on for particular ports).
so, if there *were* a telnet server on the box, and i did not specifically
block that port on the router (well, i don't block it really, no way to do
that on this cheap router, instead i just redirect that port to a host that
doesn't exist, see previous post) then requests to telnet from outside
would be redirected to the DMZ host. i wouldn't mind if the DMZ host
were linux. unfortunately, the DMZ host is windows, since the only
reason i'm opening it up is for gaming :).
tiger
--
Gerald Timothy Quimpo tiger*quimpo*org gquimpo*sni-inc.com tiger*sni*ph
Public Key: "gpg --keyserver pgp.mit.edu --recv-keys 672F4C78"
Veritas liberabit vos.
Doveryai no proveryai.
_
Philippine Linux Users Group. Web site and archives at http://plug.linux.org.ph
To leave: send "unsubscribe" in the body to [EMAIL PROTECTED]
Fully Searchable Archives With Friendly Web Interface at http://marc.free.net.ph
To subscribe to the Linux Newbies' List: send "subscribe" in the body to
[EMAIL PROTECTED]
