[Cialug] DMZ, router's firewall and web server's security...

Kendall Bailey krbailey at gmail.com
Mon Nov 28 11:12:33 CST 2005


I'm not an expert in these things, but...  My understanding of a DMZ
is that it consists of systems located between 2 firewalls.  I think
you are being advised to have a second firewall completely seperating
your LAN (the two Windows and one Mac) from your web server so that if
the web server is compromised, there's a second barrier to stop
further penetration of your LAN.  I've always been a little confused
by the term DMZ applied to home routers.  I've never turned that on,
but it seems to me it just forwards all incomming connections to the
chosen "DMZ host".

Kendall


On 11/28/05, afan at afan.net <afan at afan.net> wrote:
>
> Hi,
>  I just had a talk about my home network and my web server at home and
> people I talked to confused me about couple things.
>  First, one said that setting up web server at home and NOT USING DMZ is
> making a hole in my network  and security system. He said that I HAVE to use
> DMZ.
>  On my modem's setting page though I found that I have to turn DMZ on just
> in case I make server for special needs, like gaming server or video
> conferencing.
>  Do I really NEED DMZ turned "On"? My opinion is that I don't need it for
> web server at home.
>
>  Second, other guy was almost laughing at me when I told him that ONLY
> firewalls I use in home network are modem's and router's firewalls (I have
> Web server on SuSE 9.2 and I have two Windows and one Mac computer in
> network). He said that these are something like low-level, low-secure
> firewalls and that I have to have something good!.
>  When I started using hi speed Internet access (first cable then DSL), and I
> talked to people about firewalls, all of them told me the same: my computers
> behind modem's and router's firewalls are REALLY safe. I had some period of
> time Zone Alarm, but after one guy compared it as "Having 2 spare wheels on
> car - it's better then one, but chances to need them both are so small and
> not worth to carry 2nd one" - I took it off.
>  What do you think?
>
>  -afan
>
>
>
> _______________________________________________
> Cialug mailing list
> Cialug at cialug.org
> http://cialug.org/mailman/listinfo/cialug
>
>
>


More information about the Cialug mailing list