different network firewall setup

**Heeter** · January 10th, 2008

I am part of another website, and one question arised as to who uses what as a firewall.

This particular person posted this,

Code:

I used to use a s/w firewall but found it was a waste of my resources! 

I currently have this...

Modem firewall set to DMZ to my server, other shiz is firewalled.

Linksys firewall is OFF! 

From there I have a P1, 64MB ram, 4 gig HDD, 
4 1G ethernet cards running Linux Ipcop as my true network firewall...

I have one subnet to the DMZ with my modem for my server...

2 more with my home network using the 4th for the internet! 

That said, take a stab at me, I DARE YA! hehe

Overkill?

Not with something running in the DMZ my friends!

The more I look at this setup, the more I don't understand why this works. Has anyone ever seen this type of setup?

Sounds like he is basically using IPCOP as a switch, but why DMZ the server?

Heeter

Dark Atheist · January 10th, 2008

i normally just block all ports on the linksys router i have (running tomato) and only open ports as and when i need them

**Heeter** · January 10th, 2008

I am trying to figure out what is being accomplished by DMZ'ing the server.

Heeter

Dark Atheist · January 10th, 2008

dmz = all ports open, just open the ports you need and if poss restrict what ever you have running by ip

**Unleashed** · January 10th, 2008

Which is precisely why it shouldn't be done!

Dark Atheist · January 10th, 2008

thought everyone knew what the DMZ was

still if you don't ask you don't learn and its all about learning, sometimes lessons learned the easy way sometimes the hard way

**Heeter** · January 11th, 2008

What I am asking is that I have always been told is to bury the servers into the network, not leave them DMZ'ed right from the router, then shut off the router firewall.

Heeter

**Geffy** · January 11th, 2008

Typically you'll want to place as much as you can behind the normal firewall. In some cases though, if you have some traffic which you just don't want to firewall, or you are running an external firewall then you'll use a DMZ. Sometimes its just too much hassle to have to access something else to open up a firewall port.

**X-Istence** · January 11th, 2008

What I think he did is this:

Code:

modem -> router -> linux machine

                                    - another machine
                                   /
Router -> Linux machine -   - yet another machine
                                   \
                                    - Box used for internet

So basically he could have just hooked up his cable modem to his Linux machine and it would have been basically the same.

Also, it is completely retarded to put gigbit cards in a pentium 1 machine, as the computer will run out of processing power before even reaching full 100 Mbit speeds, and the PCI bus that is used in such old machines can't even take advantage of the speed improvements the card offers because the bandwidth on it is too small.

January 10th, 2008	Top \| #1
Heeter Overclocked Like A Mother Joined: July 2002 Location: In front of my computer Posts: 2,729 Reputation: 684 Power: 150	different network firewall setup I am part of another website, and one question arised as to who uses what as a firewall. This particular person posted this, Code: I used to use a s/w firewall but found it was a waste of my resources! I currently have this... Modem firewall set to DMZ to my server, other shiz is firewalled. Linksys firewall is OFF! From there I have a P1, 64MB ram, 4 gig HDD, 4 1G ethernet cards running Linux Ipcop as my true network firewall... I have one subnet to the DMZ with my modem for my server... 2 more with my home network using the 4th for the internet! That said, take a stab at me, I DARE YA! hehe Overkill? Not with something running in the DMZ my friends! The more I look at this setup, the more I don't understand why this works. Has anyone ever seen this type of setup? Sounds like he is basically using IPCOP as a switch, but why DMZ the server? Heeter

January 10th, 2008	Top \| #2
Dark Atheist I never said I was nice Joined: April 2003 Location: In The Void Posts: 6,346 Blog Entries: 8 Reputation: 1877 Power: 0	Re: different network firewall setup i normally just block all ports on the linksys router i have (running tomato) and only open ports as and when i need them

January 10th, 2008	Top \| #3
Heeter Overclocked Like A Mother Joined: July 2002 Location: In front of my computer Posts: 2,729 Reputation: 684 Power: 150	Re: different network firewall setup I am trying to figure out what is being accomplished by DMZ'ing the server. Heeter

January 10th, 2008	Top \| #4
Dark Atheist I never said I was nice Joined: April 2003 Location: In The Void Posts: 6,346 Blog Entries: 8 Reputation: 1877 Power: 0	Re: different network firewall setup dmz = all ports open, just open the ports you need and if poss restrict what ever you have running by ip

January 10th, 2008	Top \| #5
Unleashed We Speak Geek Joined: July 2003 Location: Fredericton, Canada ex Norwich, England ex Hougang, Singapore ex Durban, South Africa Posts: 1,249 Reputation: 460 Power: 121	Re: different network firewall setup Which is precisely why it shouldn't be done! CPU: Intel Core2 Q6600 \| Mobo: BFG nVidia 680i SLI \| RAM: 2GB 2x Corsair XMS6400 \| PSU: Hiper 580 Watt \| HDD: WD160GB SATAII \| GFX: BFG GeForce 8800GTS OC 640MB \| DVD: SAMSUNG 20x DVD+/-R/RW/RAM SATA

Latest News Posts

Latest Forum Posts

Latest Member Blogs

January 10th, 2008	Top \| #6
Dark Atheist I never said I was nice Joined: April 2003 Location: In The Void Posts: 6,346 Blog Entries: 8 Reputation: 1877 Power: 0	Re: different network firewall setup thought everyone knew what the DMZ was still if you don't ask you don't learn and its all about learning, sometimes lessons learned the easy way sometimes the hard way

January 11th, 2008	Top \| #7
Heeter Overclocked Like A Mother Joined: July 2002 Location: In front of my computer Posts: 2,729 Reputation: 684 Power: 150	Re: different network firewall setup What I am asking is that I have always been told is to bury the servers into the network, not leave them DMZ'ed right from the router, then shut off the router firewall. Heeter

January 11th, 2008	Top \| #8
Geffy OSNN Veteran Addict Joined: March 2002 Location: United Kingdom Posts: 7,805 Reputation: 1490 Power: 213	Re: different network firewall setup Typically you'll want to place as much as you can behind the normal firewall. In some cases though, if you have some traffic which you just don't want to firewall, or you are running an external firewall then you'll use a DMZ. Sometimes its just too much hassle to have to access something else to open up a firewall port.  • blog • tumblog • lastfm • flickr • #rubyonrails • @twitter "I could be replaced with a very small shell script"

January 11th, 2008	Top \| #9
X-Istence * Joined: December 2001 Location: USA Posts: 6,490 Reputation: 2808 Power: 217	Re: different network firewall setup What I think he did is this: Code: modem -> router -> linux machine - another machine / Router -> Linux machine - - yet another machine \ - Box used for internet So basically he could have just hooked up his cable modem to his Linux machine and it would have been basically the same. Also, it is completely retarded to put gigbit cards in a pentium 1 machine, as the computer will run out of processing power before even reaching full 100 Mbit speeds, and the PCI bus that is used in such old machines can't even take advantage of the speed improvements the card offers because the bandwidth on it is too small. My blog!

Similar Threads
Thread	Thread Starter	Forum	Replies	Last Post
Network Setup Wizard	Bman	Windows Desktop Systems	3	February 19th, 2007 5:37pm
Network Setup Help	synical33	General Hardware	26	July 3rd, 2005 4:08am
network setup wizard	bigdave50uk	Windows Desktop Systems	3	July 6th, 2004 7:01pm
Wireless Network Setup	Admiral Michael	Windows Desktop Systems	10	September 7th, 2003 9:54pm
What do I need to setup a network?	kewlio	Windows Desktop Systems	8	April 20th, 2002 3:23pm