Proper ISP Hardware Configuration?
This will sound stupid... But what are most members using as their firewall/router for their ISP setup? I have (and maybe I have just overlooked it) seen only setups involving the web/ftp/dns but there are no setups describing the proper hardware/network configuration for a DMZ setup. Correct me if I am wrong, but anybody who allows an ISP or other party to control their firewall is asking for trouble.
I am looking at using ISPconfig, on a new server that I have, but it and the mail, ftp, www server will sit in a DMZ zone, and the internal network will also be behind the firewall. Anybody else doing something similar?
Wel u can disable the ispfirewall and just use ur own one as long as u open all the ports that are needed i am making currently 2 servers 1 with use of ispconfig and one for a company that has a hardware firewall and i have totally no problems.
And about dmz zone i run ispconfig at a home server for testing and that is in a dmz zone this is also noproblem.
We currently use a Cisco PIX firewall device for our firewall and NAT router, although pretty much any firewall device will suffice including another server acting as a firewall. We then block all ports by default and then "punch holes" through for services like ftp, web, email, with NAT redirects to the correct internal IP of the corresponding server.
I think this would be considered a safer setup than putting the servers in a DMZ zone as the entire range of ports on the server are open to potential attacks.
|All times are GMT +2. The time now is 19:59.|
Powered by vBulletin® Version 3.8.7
Copyright ©2000 - 2014, vBulletin Solutions, Inc.