Re: Network Topology
- From: "Matt Gibson" <mattg@xxxxxxxxxxxxxxx>
- Date: Fri, 8 Apr 2005 14:48:02 -0700
> Matt,
>
> I appreciate your help. The secureftp server will have files uploaded to
> it
> that need to be able to be moved to a server on the internal network. I'm
> a
> little fuzzy here, I know that because of the dmz I will be blocking all
> traffic from within the DMZ to our internal network, or at least that is
> my
> understanding, however, could a computer from within my internal network
> access the secureftp server sitting on the dmz and pull the files from it?
> Would that be a secure/smart implementation?
>
David,
Glad to know I could be of help :) I'm always worried that I just tend to
ramble.
Yes, it's preferred to have your computers initate the connection to the
DMZ. That way if the DMZ server is comprimised, they cannot use it as a
launching pad for an attack on your internal network.
Matt Gibson - GSEC
.
- References:
- Network Topology
- From: David G.
- Re: Network Topology
- From: Matt Gibson
- Re: Network Topology
- From: David G.
- Network Topology
- Prev by Date: Re: User Account Locked
- Next by Date: Re: CALS question
- Previous by thread: Re: Network Topology
- Next by thread: Re: Network Topology
- Index(es):
Loading
