--On mardi 5 avril 2005 14:35 +0200 Roger Grosswiler <roger@xxxxxxxx> wrote:
Hi!
I want to hear your opinion on the following net configurations: 1. cablemodem -> router -> server in DMZ -> LAN users 2. cablemodem -> router/server -> LAN users
Which one is more secure and what are the risks on each one?
Regards, Sasa--Sasa,
a) What kind of server are we talking of?
b) assuming it's a web- /mailserver, i would prefer version 1. Is this a SOHO-installation with a small SOHO-Router? Be careful, as many of them indicate a DMZ in the meaning, that they just forward all incoming ports to a local machine (except the request from your lan of course), but the server often has just his own local protection, as they often exclude firewalling for DMZ-Computers
c) i would never use a web- or mailserver as additional router to surf. Advantage here: you would have the chance to install squid on it.
Roger
Yes, it is a web/mail/samba server. For router I am thinking to use Smoothwall with three NIC's.
Sasa
Attachment:
pgp1UjpRcAUbU.pgp
Description: PGP signature
