DMZ public IPs and such

2005-06-14 Thread Michael Ben-Nes
Hi Everyone I installed IPCOP with RED/GREEN/ORANGE (dmz ) legs. The DMZ use internal address of 192.168.1.x On the DMZ i have a mail server and a web server Currently i cant telnet port 25 from the webserver to the real public IP of the mail server. I been told on IPCOP list to resolv

DMZ Variant

2003-09-22 Thread landau_alex
Hi all! I have a linux box with 2 network interfaces: external (connected to the Internet) and internal (connected to my LAN). The box acts as a firewall, I'm also doing NAT. I have several ports open on the box itself and have set up port forwarding to a few machines on the LAN. I want any

Re: DMZ

2002-09-13 Thread Ben-Nes Michael
are you sure ? i looked for two hours what is DMZ. I searched linuxdoc.org and google in linux doc i entered each firewall howto and searched the index for DMZ and couldnt find a chapter speaking of DMZ. But now i know that DMZ is just a word that describe a low security leg, and its not some

Re: DMZ

2002-09-13 Thread Muli Ben-Yehuda
On Fri, Sep 13, 2002 at 12:05:33AM +0300, Guy Cohen wrote: ObLinux: how do I share easily an entire machine's hard disk with other machines? NFS sharing / led to all sorts of nastiness. Pointers to FMs welcome. cluster is a way. Err, I happen to know a thing or two about clusters, and

Re: DMZ

2002-09-13 Thread Yedidyah Bar-David
Hi, On Fri, Sep 13, 2002 at 10:05:58AM +0300, Muli Ben-Yehuda wrote: On Fri, Sep 13, 2002 at 12:25:25AM +0300, Yedidyah Bar-David wrote: I think the main difference is that ML answers are given late at night, with late-at-night moods (and tiredness), for better or worse :-). I

DMZ

2002-09-12 Thread Ben-Nes Michael
Hi All Small confusion. what exactly is DMZ ? If it is an area between the Internet and the Firewall then its not under protection of the firewall. If so what the firewall manage here ? = To unsubscribe, send mail to [EMAIL

Re: DMZ

2002-09-12 Thread Guy Cohen
what exactly is DMZ ? If it is an area between the Internet and the Firewall then its not under protection of the firewall. If so what the firewall manage here ? Say you want to make a tight security policy in your firewall: dont let *anything* enter to the windows network but lets some

Re: DMZ

2002-09-12 Thread Oleg Goldshmidt
Ben-Nes Michael [EMAIL PROTECTED] writes: Hi All Small confusion. what exactly is DMZ ? If it is an area between the Internet and the Firewall then its not under protection of the firewall. If so what the firewall manage here ? To put it simply, if not comprehensively, it is the area

Re: DMZ

2002-09-12 Thread Eli Marmor
Ben-Nes Michael wrote: Hi All Small confusion. what exactly is DMZ ? De-Militarized Zone. A typical topology is a 3-legs firewall, one goes to the Internet/FR- router/ADSL/whatever, the second to a hub with all the client computers (WIN machines etc.) connected to, and the third goes

Re: DMZ

2002-09-12 Thread Gilad Ben-Yossef
On Thu, 2002-09-12 at 20:29, Ben-Nes Michael wrote: Hi All Small confusion. what exactly is DMZ ? If it is an area between the Internet and the Firewall then its not under protection of the firewall. If so what the firewall manage here ? The art of security is all about risk hedging

RE: DMZ

2002-09-12 Thread e-tie
Have we forgot the lost art of RTFMing? On the original subject, go read: http://www.tldp.org/HOWTO/Firewall-HOWTO-3.html On security discussions...got a spare 5 years? = To unsubscribe, send mail to [EMAIL PROTECTED] with the

Re: DMZ

2002-09-12 Thread Guy Cohen
On Thu, Sep 12, 2002 at 08:48:35PM +0200, e-tie wrote: Have we forgot the lost art of RTFMing? [snip] On security discussions...got a spare 5 years? You couldn't be more right. The art of mailing list is slowly dying. people who spend 5 and more years investigating unix want to get payed and

RE: DMZ

2002-09-12 Thread e-tie
Please dont get me wrong, when you are stuck help is needed, but come on, DMZ? i mean there are so many docs out there on DMZ. As i see it, first see if you can find it and learn it yourself, then approach the comunity! Oh and btw i'm out of a job too, and i dont even know l/unix that good

Re: DMZ

2002-09-12 Thread Muli Ben-Yehuda
On Thu, Sep 12, 2002 at 09:27:18PM +0300, Guy Cohen wrote: On Thu, Sep 12, 2002 at 08:48:35PM +0200, e-tie wrote: Have we forgot the lost art of RTFMing? [snip] On security discussions...got a spare 5 years? You couldn't be more right. The art of mailing list is slowly dying. people who

Re: DMZ

2002-09-12 Thread Official Flamer/Cabal NON-Leader
Quoth Muli Ben-Yehuda: ObLinux: how do I share easily an entire machine's hard disk with other machines? NFS sharing / led to all sorts of nastiness. Pointers to FMs welcome. DON'T even dare thinking of a shared scsi bus! -- ---OFCNL This is MY list. This list belongs to ME! I will

Re: DMZ

2002-09-12 Thread Guy Cohen
On Thu, Sep 12, 2002 at 11:13:09PM +0300, Muli Ben-Yehuda wrote: I'll say it gently: the service a consultant provides should not be equivalent to an answer on a mailing list. If it is, said consultant is doing it wrong... Of course there's no substitute to real professional who's doing a

Re: DMZ

2002-09-12 Thread Yedidyah Bar-David
On Thu, Sep 12, 2002 at 11:13:09PM +0300, Muli Ben-Yehuda wrote: On Thu, Sep 12, 2002 at 09:27:18PM +0300, Guy Cohen wrote: On Thu, Sep 12, 2002 at 08:48:35PM +0200, e-tie wrote: Have we forgot the lost art of RTFMing? [snip] On security discussions...got a spare 5 years? You

Re: DMZ

2002-09-12 Thread Oleg Goldshmidt
Muli Ben-Yehuda [EMAIL PROTECTED] writes: I'll say it gently: the service a consultant provides should not be equivalent to an answer on a mailing list. If it is, said consultant is doing it wrong... No. The customer is doing it wrong... -- Oleg Goldshmidt | [EMAIL PROTECTED]

Re: DMZ

2002-09-12 Thread Oleg Goldshmidt
Official Flamer/Cabal NON-Leader [EMAIL PROTECTED] writes: DON'T even dare thinking of a shared scsi bus! Out of curiousity: why shouldn't I think about it? -- Oleg Goldshmidt | [EMAIL PROTECTED] = ... Of theoretical physics

Re: DMZ

2002-09-12 Thread Official Flamer/Cabal NON-Leader
Quoth Oleg Goldshmidt: Official Flamer/Cabal NON-Leader [EMAIL PROTECTED] writes: DON'T even dare thinking of a shared scsi bus! Out of curiousity: why shouldn't I think about it? If you are not yet old, you will become VERY old by playing with shared scsi busses. I did this quite a

Re: DMZ

2002-09-12 Thread Nadav Har'El
On Thu, Sep 12, 2002, Muli Ben-Yehuda wrote about Re: DMZ: On Thu, Sep 12, 2002 at 09:27:18PM +0300, Guy Cohen wrote: You couldn't be more right. The art of mailing list is slowly dying. people who spend 5 and more years investigating unix want to get payed and are sick and tired

Re: DMZ

2002-09-12 Thread guy keren
On Thu, 12 Sep 2002, Guy Cohen wrote: You couldn't be more right. The art of mailing list is slowly dying. people who spend 5 and more years investigating unix want to get payed and are sick and tired of not finding a job because a potential employer could just send a question to the

POP3 in DMZ

2000-08-14 Thread Alex Rier
Hi, Q. A corporate wants to allow it's employees to fetch the e-mails from it's e-mail server using POP3 (from the Internet). So, where do you put the POP3 Server? In DMZ? Behind the Firewall? Where do you keep the e-mails DBase? Where do you keep the users DBase? How do you authenticate

Re: POP3 in DMZ

2000-08-14 Thread benavrhm
On Mon, 14 Aug 2000, Alex Rier wrote: Hi, Q. A corporate wants to allow it's employees to fetch the e-mails from it's e-mail server using POP3 (from the Internet). So, where do you put the POP3 Server? In DMZ? Behind the Firewall? Where do you keep the e-mails DBase? Where do you