[LUNI] Sharing Wifi
Francis Healy
zfhealy at sbcglobal.net
Fri Nov 17 16:34:10 CST 2006
Michael Labowicz <mlabowicz at gmail.com> wrote: On 11/16/06, Samir Faci wrote:
> use a linux box and dump 3 nicks on it. Wan, Lan, and dmz. then
> just write an iptables script to block any incoming connection from
> dmz net to lan.
>
> We could probably help you better given more details.
>
>
I understand the WAN and the LAN, what does the DMZ do?
--
Michael Labowicz
http://www.labowicz.com/blog/
--
Linux Users Of Northern Illinois - Technical Discussion
http://luni.org/mailman/listinfo/luni
The DMZ net should allow connectivity through certian ports (80, 25...) from the WAN network, but not from the LAN network. In the event your DMZ systems are compromise, say from a web server vulnerability, the atacker can't use the access to get into the internal network (which he could if you just forwarded a port through the firewal to your internal net.
More information about the luni
mailing list