|
|
Sponsored Content
Special Forums
Cybersecurity
DMZ systems having internal IP, ok or not?
Post 302501944 by aixlover on Saturday 5th of March 2011 11:08:43 PM
03-06-2011
DMZ systems having internal IP, ok or not?
Hi, I am new here. Nice to meet you guys 
Here is my first question:
We are using Fortigate 3800 as firewalls. The DMZ contains external DNS, web and proxy servers. Systems in DMZ use subnet 192.168.1.0, and the internal systems use subnet 10.1.1.0.
My questions: Can we assign two IP addresses to each DMZ server, one IP in 192.168.1.0 subnet and one IP in 10.1.1.0 subnet? Is there any way to prevent security issues from occuring by using this type of configuration?
Thank you much in advance!
Here is my first question:
We are using Fortigate 3800 as firewalls. The DMZ contains external DNS, web and proxy servers. Systems in DMZ use subnet 192.168.1.0, and the internal systems use subnet 10.1.1.0.
My questions: Can we assign two IP addresses to each DMZ server, one IP in 192.168.1.0 subnet and one IP in 10.1.1.0 subnet? Is there any way to prevent security issues from occuring by using this type of configuration?
Thank you much in advance!
|
|
9 More Discussions You Might Find Interesting
1. UNIX for Advanced & Expert Users
Hi,
I need to redirect internal internet requests to a auth client site siting on the gateway. Currently users that are authenticated to access the internet have there mac address listed in the FORWARD chain. All other users need to be redirected to a internal site for authentication.
Can... (1 Reply)
Discussion started by: mshindo
1 Replies
2. Linux
Hi to all.
There are eth0(wan) eth1(lan) and eth3(dmz) in my debian router.
In dmz is planing dns, ad, dhcp, smtp/pop/imap, https(web-based imap client). I don't configured rules on "iptables" and "route" loads for right relation lan clients with dmz services.
Please explain me example... (0 Replies)
Discussion started by: sotich82
0 Replies
3. UNIX for Advanced & Expert Users
I'd just like to know what you use for user account management on your DMZ servers?
Do you use the same authentication realm as internally?
Do you use a different authentication realm, perhaps only for the DMZ?
Do you use local accounts? (2 Replies)
Discussion started by: humbletech99
2 Replies
4. Solaris
I've been looking at various articles about Zones/Containers, from SUN's website, and through numerous Google searches, and although there's a lot of info out there, I've not got a definitive answer for what I'd like to do.....so here we go.....
I'm installing a webserver, which is sitting on a... (3 Replies)
Discussion started by: in2deep
3 Replies
5. Shell Programming and Scripting
Hi
I would like write a script that will do sftp frm a box that resides inside the FW to a box that resides in DMZ.Any ideas guys.I tried generating rsa keys for a particular user, however just want to know is there any other solution or not. Your help is much appreciated.
Thanks
CK (2 Replies)
Discussion started by: coolkid
2 Replies
6. What is on Your Mind?
I have been wondering how do Systems Administrators do the jump into Systems Engineering? Is it only a matter of time and experience or could I actually help myself get there?
Opinions? Books I could read?
Thanks a lot for your help! (0 Replies)
Discussion started by: svalenciatech
0 Replies
7. Shell Programming and Scripting
I remote to many DMZ boxes every day to run batch file that allows me to create users. I create users in 17 DMZ boxes every day which takes a lot of my time.
Is there any script that would do this job from my local computer?
Thank you for your help! (3 Replies)
Discussion started by: idiazza
3 Replies
8. UNIX and Linux Applications
Hi All,
Hope this is the correct thread to ask this, if not, can an admin please move it to the correct thread.
Got a wee problem I hope someone can point me in the right direction.
I have Network A with two servers hosting separate webpages (I will call these WP1 & WP2). A DMZ server... (6 Replies)
Discussion started by: dakelly
6 Replies
9. UNIX for Beginners Questions & Answers
Hi All,
I have a strange issue and I am not sure where the problem lies.
I have about six Ubuntu servers on our DMZ two of which were built on 18.04 from scratch the others were upgraded to 18.04 from 16.04.
The servers built from scratch can send emails from the server via sendmail fine, so... (4 Replies)
Discussion started by: dakelly
4 Replies
LEARN ABOUT X11R4
findsmb
FINDSMB(1) User Commands FINDSMB(1) NAME
findsmb - list info about machines that respond to SMB name queries on a subnet SYNOPSIS
findsmb [subnet broadcast address] DESCRIPTION
This perl script is part of the samba(7) suite. findsmb is a perl script that prints out several pieces of information about machines on a subnet that respond to SMB name query requests. It uses nmblookup(1) and smbclient(1) to obtain this information. OPTIONS
-r Controls whether findsmb takes bugs in Windows95 into account when trying to find a Netbios name registered of the remote machine. This option is disabled by default because it is specific to Windows 95 and Windows 95 machines only. If set, nmblookup(1) will be called with -B option. subnet broadcast address Without this option, findsmb will probe the subnet of the machine where findsmb(1) is run. This value is passed to nmblookup(1) as part of the -B option. EXAMPLES
The output of findsmb lists the following information for all machines that respond to the initial nmblookup for any name: IP address, NetBIOS name, Workgroup name, operating system, and SMB server version. There will be a '+' in front of the workgroup name for machines that are local master browsers for that workgroup. There will be an '*' in front of the workgroup name for machines that are the domain master browser for that workgroup. Machines that are running Windows for Workgroups, Windows 95 or Windows 98 will not show any information about the operating system or server version. The command with -r option must be run on a system without nmbd(8) running. If nmbd is running on the system, you will only get the IP address and the DNS name of the machine. To get proper responses from Windows 95 and Windows 98 machines, the command must be run as root and with -r option on a machine without nmbd running. For example, running findsmb without -r option set would yield output similar to the following IP ADDR NETBIOS NAME WORKGROUP/OS/VERSION --------------------------------------------------------------------- 192.168.35.10 MINESET-TEST1 [DMVENGR] 192.168.35.55 LINUXBOX *[MYGROUP] [Unix] [Samba 2.0.6] 192.168.35.56 HERBNT2 [HERB-NT] 192.168.35.63 GANDALF [MVENGR] [Unix] [Samba 2.0.5a for IRIX] 192.168.35.65 SAUNA [WORKGROUP] [Unix] [Samba 1.9.18p10] 192.168.35.71 FROGSTAR [ENGR] [Unix] [Samba 2.0.0 for IRIX] 192.168.35.78 HERBDHCP1 +[HERB] 192.168.35.88 SCNT2 +[MVENGR] [Windows NT 4.0] [NT LAN Manager 4.0] 192.168.35.93 FROGSTAR-PC [MVENGR] [Windows 5.0] [Windows 2000 LAN Manager] 192.168.35.97 HERBNT1 *[HERB-NT] [Windows NT 4.0] [NT LAN Manager 4.0] VERSION
This man page is correct for version 3 of the Samba suite. SEE ALSO
nmbd(8), smbclient(1), and nmblookup(1) AUTHOR
The original Samba software and related utilities were created by Andrew Tridgell. Samba is now developed by the Samba Team as an Open Source project similar to the way the Linux kernel is developed. The original Samba man pages were written by Karl Auer. The man page sources were converted to YODL format (another excellent piece of Open Source software, available at ftp://ftp.icce.rug.nl/pub/unix/) and updated for the Samba 2.0 release by Jeremy Allison. The conversion to DocBook for Samba 2.2 was done by Gerald Carter. The conversion to DocBook XML 4.2 for Samba 3.0 was done by Alexander Bokovoy. Samba 3.5 06/18/2010 FINDSMB(1)