-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On Saturday 19 Jan 2008, bipin sartape wrote:
> hi everyone,
> wanted to know whether mail server and
> web server (also others like ftp..)can be installed
> inside the militarized zone(LAN) rather than a usual
> setupin the DMZ zone. how will i achieve public access
> to it and will it enhance my security aspect.
1. Yes, they can be set up behind the firewall. Search for ``port
forwarding'' -- that's what you'll need to do to enable outside clients
to access services behind your firewall.
2. Security... does adding a firewall somewhere in your network make
your network more secure? IMNSHO, usually not. Network and system
security is a process, not a product. Unless you clearly enumerate in
black and white the following, you will never be able to achieve even a
reasonably secure network:
- What am I protecting?
- What am I protecting it from?
- What is the cost of losing what I am protecting?
- What is the cost of protection?
and only after that you ask the final question,
- What tools and policies do I need to protect my assets?
So please don't fall into the [firewall == security] trap -- that way
usually lies disaster.
Regards,
- -- Raju
- --
Raj Mathur[EMAIL PROTECTED] http://kandalaya.org/
Freedom in Technology & Software || February 2008 || http://freed.in/
GPG: 78D4 FC67 367F 40E2 0DD5 0FEF C968 D0EF CC68 D17F
PsyTrance & Chill: http://schizoid.in/ || It is the mind that moves
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.6 (GNU/Linux)
iD8DBQFHkX6CyWjQ78xo0X8RAkXNAKCQht2unBW7gZymp5mrJLo/ckCvOwCghrwW
vlvSa8tnIsajf9sa4sjYTSU=
=WqWz
-END PGP SIGNATURE-
___
ilugd mailinglist -- ilugd@lists.linux-delhi.org
http://frodo.hserus.net/mailman/listinfo/ilugd
Next Event: http://freed.in - February 22/23, 2008
Archives at: http://news.gmane.org/gmane.user-groups.linux.delhi
http://www.mail-archive.com/ilugd@lists.linux-delhi.org/