Jump to content
RESET Forums (homeservershow.com)

What is DMZ used for?


Pancakes
 Share

Recommended Posts

  • Replies 28
  • Created
  • Last Reply

Top Posters In This Topic

  • ikon

    9

  • Jason

    4

  • KydDynoMyte

    5

  • FiLiNuX

    5

Top Posters In This Topic

I run three networks, lan1is my home network, lan2 is my lab network, DMZ is where I connect my Ooma. I generally have 5 NICs in a firewall/router.

Link to comment
Share on other sites

A DMZ is where you put servers that you want to be available on the public Internet. In a Microsoft Domain environment it typically means the computers in the DMZ have a 1-way trust with the computers on the main LAN. By that I mean the computers on the main LAN can access the servers in the DMZ (the DMZ server trust the LAN computers), but the computers in the DMZ can't access the computers on the main LAN (no trust).

 

The whole idea is to reduce the chance that malware or crackers can infect of compromise computers on your LAN.

Link to comment
Share on other sites

Whatever you put n the DMZ will receive the packets on ports that are not already being forwarded elsewhere by the router. I've only ever used it if something is not working, throw it on the dmz for a second to see if the connection can be made to help rule out if I am not forwarding all the ports needed. I am not sure why you would want to leave something on the DMZ all the time unless it was a honey pot.

Link to comment
Share on other sites

That's an interesting use for a DMZ. I've never used one for that. Now, I'm not sure all routers forward all unassigned ports to the DMZ. For one thing, what would happen if there was more than 1 server in the DMZ? Perhaps this a common feature of consumer level routers, and perhaps they only allow for one server in the DMZ. In my workplace, our DMZ has a number of servers, clustered to provide better performance.

Link to comment
Share on other sites

"Whatever you put n the DMZ will receive the packets on ports that are not already being forwarded elsewhere by the router."  

 

Im going to roll with Ikon on this as I am not familiar with this theory. (DMZ with all encompassing default route)

 

"I've only ever used it if something is not working, throw it on the dmz for a second to see if the connection can be made to help rule out if I am not forwarding all the ports needed."

I follow this and it would work.  Might not be best practice in all cases but it would work !!  

 

I am not sure why you would want to leave something on the DMZ all the time unless it was a honey pot.

I don't understand/agree with this either (big shocker there huh :) .  Its what a DMZ is made for is to put public facing servers out there and leave them.  It allows you to have your servers in a semi trusted zone (I say semi - trusted because you own the DMZ and it is usually still behind a firewall)

Edited by FiLiNuX
Link to comment
Share on other sites

"I am deciding if I need 2 or 3 NIC's "

 

Sorry Pancakes, got off topic for a second.  Multiple NIC's are nice & definitely add to the range of what you can do but how many really depends on what YOU want/need to do.(Should I get 2 or 3 for X or Y)  I am guessing this is a question of how many NIC's for your server?  Is it going to be handling any sort of routing duties?  If so then of course two would be needed.  As for a 3rd though a LOT can be done with virtual / sharing of NICS.

 

 

Link to comment
Share on other sites

I must need to use more advanced routers. Or my needs are way too simple.

 

If your serious the router below MIGHT be able to handle some of your home needs.  :)

 

prod_large_photo0900aecd800f7592.jpg

Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share


×
×
  • Create New...