Security Basics mailing list archives
RE: Access Internal and External Networks
From: "David Gillett" <gillettdavid () fhda edu>
Date: Fri, 19 Sep 2003 10:30:58 -0700
2! If you try option 1, the first person who roots one of these servers via some other service you didn't intend to be up, enables forwarding/proxying and now he has a back door into your internal network that completely bypasses your gateway. DNAT is definitely what you want. David Gillett
-----Original Message----- From: william () orlitech com au [mailto:william () orlitech com au] Sent: September 18, 2003 15:42 To: security-basics () securityfocus com Subject: Access Internal and External Networks I have a need for some servers to access both the external network and the internal network and am wondering which approach would be best: 1. 2 NIC's in each server one connected to the external network and one connected to the internal network 2. 1 NIC in each server connected to the internal network and DNAT the required ports from the external address to the internal address Thanks William -------------------------------------------------------------- ------------- Captus Networks Are you prepared for the next Sobig & Blaster? - Instantly Stop DoS/DDoS Attacks, Worms & Port Scans - Precisely Define and Implement Network Security - Automatically Control P2P, IM and Spam Traffic FIND OUT NOW - FREE Vulnerability Assessment Toolkit http://www.captusnetworks.com/ads/42.htm -------------------------------------------------------------- --------------
--------------------------------------------------------------------------- Captus Networks Are you prepared for the next Sobig & Blaster? - Instantly Stop DoS/DDoS Attacks, Worms & Port Scans - Precisely Define and Implement Network Security - Automatically Control P2P, IM and Spam Traffic FIND OUT NOW - FREE Vulnerability Assessment Toolkit http://www.captusnetworks.com/ads/42.htm ----------------------------------------------------------------------------
Current thread:
- Access Internal and External Networks william (Sep 19)
- Re: Access Internal and External Networks JGrimshaw (Sep 19)
- Re: Access Internal and External Networks John Hollyoak (Sep 19)
- RE: Access Internal and External Networks David Gillett (Sep 19)
- Re: Access Internal and External Networks Ansgar -59cobalt- Wiechers (Sep 22)
- Re: Access Internal and External Networks alias (Sep 22)
- <Possible follow-ups>
- RE: Access Internal and External Networks Hagen, Eric (Sep 19)
- RE: Access Internal and External Networks Meidinger Chris (Sep 22)