neewt wrote: |
There has to be some sort of proxy that can do content filtering and therefor just allow valid traffic from DMZ to internal lan. In this case, certain SQL-commands. Anyone know of such an implementation? |
gsnatesh wrote: |
Question: How would a server on the DMZ communicate with the intranet assuming the DMZ and Intanet have different subnets?? |
danielrm26 wrote: | ||
This is a "sandwich" DMZ -- the one that I prefer, and the one that offers more security than the "multi-NIC" approach. |
UnaBomber wrote: |
Cisco Switches are very difficult to flood, (I presume your are talking about mac flooding and arp poisioning) once you have deployed CIS (Cisco intergrated security) which limits the number of MAC addresses that can be learned at a given port... preventing CAM manupulation. |
xathras wrote: |
is this post your own work or an extract from elsewhere, I have seen this before, not on this site but for the life of me cannot track it down. |
danielrm26 wrote: | ||
Yes, it's my work. You probably saw it on New Order, which is where I posted it first. You'll notice it was posted under "danielrm26" in both places. Google (http://www.google.com) can show you this information if you enter the string "danielrm26" and "DMZ" into the search field and either press "enter" or click the search button. Regards, |
xathras wrote: |
lol, at least it shows that I paid attention to the info |
output generated using printer-friendly topic mod, All times are GMT + 2 Hours