Doug Crompton on 4 Feb 2005 04:06:09 -0000

In Router terms DMZ means wide open. The DMZ host sees all traffic. Better
to port forward the ports to the IP address(es) that serve them. Only
those ports are forwarded to the associated IPs. It does not matter if a
port is open on the inside PC. If it is not forwarded it is not getting
there.

That being said it is still a good idea to limit ports to those used. But
for instance if you want local telnet and you don't forward port 23, the
WAN side isn't getting there!

Doug

On Thu, 3 Feb 2005, Chad Waters wrote:

>
> Put it on a DMZ if possible.
>
> If you know you're only going to use ssh and imap from certain hosts
> (ie work), restrict access to those hosts instead of leaving them
> wide open.
>
> Be fully aware of the security concerns regarding the web server and
> CMS. That will probably be your most vulnerable service.
>
> --
> -Chad C Waters
> http://chadcwaters.com
> ___________________________________________________________________________
> Philadelphia Linux Users Group -- http://www.phillylinux.org
> Announcements - http://lists.phillylinux.org/mailman/listinfo/plug-announce
> General Discussion -- http://lists.phillylinux.org/mailman/listinfo/plug
>

****************************
*  Doug Crompton           *
*  Richboro, PA 18954      *
*  215-431-6307            *
*                          *
*  doug@crompton.com       *
*  http://www.crompton.com *
****************************
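The difference between a DMZ host and per-port forwards discussed in this thread, as an added example that is not part of the original messages: a small Python model of a consumer NAT router's inbound decision, including the per-source restriction suggested for ssh and imap. All addresses, the rule format and the function names are constructed for illustration, and dropping a packet that matches a forward but fails its source restriction is a modelling assumption.

```python
from ipaddress import ip_address, ip_network

# Constructed sample data: ports each inside host is listening on.
LISTENING = {
    "192.168.1.10": {22, 23, 80, 143},   # server: ssh, telnet, web, imap
    "192.168.1.20": {23, 445},           # desktop
}

def wan_reachable(src, dport, forwards, dmz_host=None):
    """Return (inside_ip, port) that a WAN packet reaches, or None if dropped."""
    src = ip_address(src)
    for rule in forwards:
        if rule["port"] != dport:
            continue
        allowed = rule.get("sources")            # None means any source
        if allowed is None or any(src in ip_network(n) for n in allowed):
            target = rule["to"]
            break
        return None                              # assumption: restricted forward drops others
    else:
        target = dmz_host                        # no forward: only a DMZ host can receive it
    if target and dport in LISTENING.get(target, ()):
        return (target, dport)
    return None

def exposure(forwards, dmz_host=None, probe_src="203.0.113.50"):
    """List every inside (ip, port) an arbitrary Internet host can reach."""
    ports = sorted({p for ps in LISTENING.values() for p in ps})
    hits = (wan_reachable(probe_src, p, forwards, dmz_host) for p in ports)
    return [h for h in hits if h is not None]

# Hypothetical forward table: web open to all, ssh and imap only from "work".
FORWARDS = [
    {"port": 80,  "to": "192.168.1.10"},
    {"port": 22,  "to": "192.168.1.10", "sources": ["198.51.100.0/24"]},
    {"port": 143, "to": "192.168.1.10", "sources": ["198.51.100.0/24"]},
]

if __name__ == "__main__":
    print("DMZ host:     ", exposure([], dmz_host="192.168.1.10"))
    print("Port forwards:", exposure(FORWARDS))
    print("ssh from work:", wan_reachable("198.51.100.7", 22, FORWARDS))
```

With the DMZ setting every listening port on the server, telnet included, is reachable from the WAN; with the forward table only port 80 is, and ssh answers only to the permitted source range.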