Security Basics mailing list archives
Re: Firewall and DMZ topology
From: "Chris Berry" <compjma () hotmail com>
Date: Tue, 10 Jun 2003 11:37:53 -0700
From: Erik Vincent <evincent () ndexsystems com> 2: internet --> Firewall --> LAN --> DMZIf the Firewall is crack, the DMZ and LAN will be unprotected. It is far easier to crack a Windows/Linux Box when there is no Firewall at all.In my point of view, never use a Firewall with 3 NIC for the above reason. Of course if you are on a tight budget...... I know that CISCO PIX router, use this kind of configuration (#2).
Well, I think the two firewall setup would only be more secure if you were using different firewalls, otherwise whatever cracked the first one, would most likely also crack the second.
Chris Berry compjma () hotmail com Systems Administrator JM Associates "Gold is for the mistress - silver for the maid Copper for the craftsman cunning in his trade. "Good!" said the Baron, sitting in his hall But steel - cold steel is master of them all." -- Rudyard Kipling _________________________________________________________________MSN 8 helps eliminate e-mail viruses. Get 2 months FREE*. http://join.msn.com/?page=features/virus
--------------------------------------------------------------------------- Evaluating SSL VPNs' Consider NEOTERIS, chosen as leader by top analysts! The Gartner Group just put Neoteris in the top of its Magic Quadrant, while InStat has confirmed Neoteris as the leader in marketshare.Find out why, and see how you can get plug-n-play secure remote access in
about an hour, with no client, server changes, or ongoing maintenance.Visit us at: http://www.neoteris.com/promos/sf-6-9.htm
----------------------------------------------------------------------------
Current thread:
- Re: [security] VPN vs changing routes, (continued)
- Re: [security] VPN vs changing routes Martin (Jun 11)
- Re: VPN vs changing routes Joerg Over Dexia (Jun 11)
- Re: Firewall and DMZ topology Daniel B. Cid (Jun 10)
- Re: Firewall and DMZ topology Steve Bremer (Jun 10)
- Re: Firewall and DMZ topology Daniel B. Cid (Jun 10)
- Message not available
- Re: Firewall and DMZ topology Daniel B. Cid (Jun 10)
- RE: Firewall and DMZ topology Des Ward (Jun 10)
- Re: Firewall and DMZ topology Aaron Fisher (Jun 11)
- Re: Firewall and DMZ topology Christopher Ingram (Jun 10)
- RE: Firewall and DMZ topology Chris Berry (Jun 10)
- Re: Firewall and DMZ topology Chris Berry (Jun 10)
- RE: Firewall and DMZ topology Depp, Dennis M. (Jun 10)
- RE: Firewall and DMZ topology Steve Bremer (Jun 10)
- RE: Firewall and DMZ topology ed (Jun 10)
- RE: Firewall and DMZ topology David Ellis (Jun 10)
- RE: Firewall and DMZ topology DeGennaro, Gregory (Jun 10)
- RE: Firewall and DMZ topology Depp, Dennis M. (Jun 10)
- RE: Firewall and DMZ topology Daniel B. Cid (Jun 10)
- Re: Firewall and DMZ topology Chris Berry (Jun 10)
- Re: Firewall and DMZ topology Steve Bremer (Jun 11)
- RE: Firewall and DMZ topology Depp, Dennis M. (Jun 11)