Nope.... completely wrong... even if you write about firewalls then you're
getting a msg back... (maybe in a month or so) ;-))
Does anybody know about a lamer-filter module for Checkpoint?
BP
-----Original Message-----
From: ed [mailto:[EMAIL PROTECTED]]
Sent: Freitag, 27. August 1999 02:09
To: firewalls
Cc: ed
Subject: UNAUTHENTICATED: RE: FW: DNS ..where to put..DMZ or ...
you realize of course, that every time you complain about him instead of
writing about firewalls, you create another annoying message from him that
we otherwise wouldn't have to deal with :)
At 01:01 PM 8/26/99 -0700, you wrote:
>How do we get this person removed from the list?
>
>-----Original Message-----
>From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]
>Sent: Wednesday, August 25, 1999 5:48 AM
>To: David Watson; Firewalls List (E-mail); 'W Joel Gridley'
>Subject: RE: FW: DNS ..where to put..DMZ or ...
>
>No desire receive messages !!!
>
>Thank you ,
>[EMAIL PROTECTED]
>
>
>----------
>De: W Joel Gridley[SMTP:[EMAIL PROTECTED]]
>Enviada: Quarta-feira, 25 de Agosto de 1999 03:07
>Para: David Watson; Firewalls List (E-mail)
>Assunto: Re: FW: DNS ..where to put..DMZ or ...
>
>What RFC covers this 90.0.0.0 network? According to IANA-ARIN, this is a
>reserved netblock
>
>(64.0.0.0 - 95.255.255.255). Which RFC talks about it? I have no idea
>what they're reserved
>
>for, and doing a search on the range itself gets me nothing but a blank
>screen.
>
>
>Any ideas? Only thing I know is that it ain't covered in RFC 1918
>(Internal Netblocks).
>
>
>
>
>At 09:41 AM 8/24/99 -0700, David Watson wrote:
>
>>>>>
>
><excerpt>
>
><smaller>I'm new with Fire Wall security. My superior seems to know more
>about it. but after this message I have my doubts. </smaller>
>
>
><smaller>Can anyone help?</smaller>
>
>
><smaller>-----Original Message-----</smaller>
>
><smaller>From: XXXXXXXXX</smaller>
>
><smaller>Sent: Tuesday, August 24, 1999 9:01 AM</smaller>
>
><smaller>To: David Watson</smaller>
>
><smaller>Subject: RE: DNS ..where to put..DMZ or ...</smaller>
>
>
>
><smaller>My suggestion would be to have PCI's DNS point to things that
>are going to be in the DMZ (ftp and www). Then pointers for everything
>else should be in a DNS behind the firewall. Also, we should have NAT
>and/or a proxy in or behind the firewall/router. Finally, all the
>internal IP addresses should be private (numbers that cannot be forwarded
>on the Internet) such as the 90.0.0.0 to .255 range with a 255.255.255.0
>subnet.
>
></smaller>
>
><smaller>-----Original Message-----</smaller>
>
><smaller>From: David Watson </smaller>
>
><smaller>Sent: Monday, August 23, 1999 6:35 PM</smaller>
>
><smaller>To: Eric Ford</smaller>
>
><smaller>Subject: FW: DNS ..where to put..DMZ or ...</smaller>
>
>
><smaller>Eric I'll forward the replies if you would like</smaller>
>
>
><smaller>-----Original Message-----</smaller>
>
><smaller>From: Tally
>[<<mailto:[EMAIL PROTECTED]>mailto:[EMAIL PROTECTED]]</smaller>
>
><smaller>Sent: Monday, August 23, 1999 4:52 PM</smaller>
>
><smaller>Subject: DNS ..where to put..DMZ or ...</smaller>
>
>
>
><smaller>This question has been asked n number of times on</smaller>
>
><smaller>this list. but after searching through the archives</smaller>
>
><smaller>it has confused us more as there are numerous</smaller>
>
><smaller>threads and its difficult to follow multiple</smaller>
>
><smaller>threads</smaller>
>
>
><smaller> I N T E R N E T</smaller>
>
><smaller> |</smaller>
>
><smaller> Firewall---Webserver(aka dmz)</smaller>
>
><smaller> |</smaller>
>
><smaller> Internal Network</smaller>
>
>
><smaller>A typical set up. The internal network has its own</smaller>
>
><smaller>"internal" DNS but the hosts have 10.x.x.x</smaller>
>
><smaller>addresses.</smaller>
>
><smaller>now the question. where do I place the DNS server.</smaller>
>
><smaller>what if I place it on the same host as Webserver on</smaller>
>
><smaller>the DMZ. This DNS server would be the name server</smaller>
>
><smaller>for the domain hosted by the firewall... correct..</smaller>
>
><smaller>?</smaller>
>
>
><smaller>and next , is there a way so that sitting on the</smaller>
>
><smaller>web server one could access hosts in the internal</smaller>
>
><smaller>network by name... how can this be achieved... ?</smaller>
>
><smaller>this is the hard part.</smaller>
>
>
><smaller>thanks and please email me</smaller>
>
><smaller>tally</smaller>
>
>
></excerpt><<<<<<<<
>
>
>
>
>
>
>
>
>Joel Gridley "Be the packet."
>
>Network Security/Firewall Specialist
>
>GTE Internetworking, "Powered by BBN."
>
>Burlington, MA
>-
>[To unsubscribe, send mail to [EMAIL PROTECTED] with
>"unsubscribe firewalls" in the body of the message.]
>
>-
>[To unsubscribe, send mail to [EMAIL PROTECTED] with
>"unsubscribe firewalls" in the body of the message.]
>-
>[To unsubscribe, send mail to [EMAIL PROTECTED] with
>"unsubscribe firewalls" in the body of the message.]
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
