Firewall Wizards mailing list archives
Allowing incoming connections
From: Riccardo Valente <Riccardo.Valente () lionbio co uk>
Date: Fri, 15 Oct 1999 09:18:53 +0100
Hello all, I'm considering the idea of allowing two incoming services through my firewall (FireWall-1): (1) a newsfeed from a well-known machine at my ISP (PSINet), straight to my news server; (2) email from anywhere to my mail server, but using FireWall-1 SMTP "security server"; this intercepts the connection and acts like an SMTP proxy, so that there's never a direct incoming connection to the internal server. So far I haven't though about moving these services to a DMZ, because in case (1) I allow in just one IP address which I would consider "trusted", and in case (2) I'm using an application proxy to protect my mail server. I'd like to hear your opinion on this configuration; would the (possibly) better security worth the extra costs and efforts of setting up a DMZ for those services? Regards, Riccardo
Current thread:
- Allowing incoming connections Riccardo Valente (Oct 16)