Displaying 17 results from an estimated 17 matches for "dmzs".
Did you mean:
dmz
2007 May 29
1
Tunnelling Puppet over SSH
I work at a large financial institution (AXA) and we have a large number
of DMZs for our partner and internet-facing servers.
The only access to the various DMZs is via SSH and no DMZ-initiated
connections are allowed back to the internal network. I''d consider
putting a Puppet server in the DMZ but no communication is allowed
between DMZs either.
Has anyone tried...
2005 Oct 31
2
IProute2 and netfilter interactions
I am trying to build a firewall and from my reading of the list archives and
other places, I''m worried about unintended interactions between iptables and
iproute2. Here is my situation
I have an internal network on eth0 and two separate dmzs on eth1 and eth2
respectively (a wireless network and a kiosk). On the outbound side, I have a
cablemodem provider and a dsl provider. What I need is to set up routing such
that the internal network goes out on the dsl, while the dmzs go out on the
cablemodem.
What would be the best approach t...
2004 Apr 02
1
Complex Routing/Firewalling/Bridging question
...ient-accessible Internet servers.
Currently, both these networks, and our internal LAN, (and all of our
IPSec-connected remote offices) are all subnets in the 10.* range, and
NATted to the outside. I''m using Shorewall on RH9 (Linux 2.4) to handle
the firewalling and SNAT/DNAT for the DMZs and NAT for the LAN, and
FreeS/WAN for the IPSec WAN.
What I would _like_ to do is build an "invisible" firewall between the
routers provided with each of the three T-1 lines (yes, each T has it''s own
Cisco 2600-series router). Ideally, two, in some sort of fail-over
config...
2007 Mar 29
4
wondershaper and dmzs
I have a pretty simple setup. I''ve got a linux nat box, with some
internal hosts. I''ve also got some servers in a dmz. It looks
something like this:
Internet
|
(external network)
| |
| |
linux dmz
nat hosts
|
2007 Oct 09
1
SpamAssassin and Public Namespace
...n Spam
There are 5 messages in Non-Spam
Here's the script:
#########################################################################################
#!/usr/bin/perl
#
# Process mail from imap server shared folder 'spam' & 'not-spam'
through spamassassin sa-learn
# dmz at dmzs.com - March 19, 2004
# http://www.dmzs.com/tools/files/spam.phtml
# LGPL
#
# Things to try if it doesn't work
# 1) Turn debug onto 1 and see if you connect to imap server ad get
messages (yes i could have made a command line flag, just didn't see the
need once I got it working :)
# 2) Che...
2008 May 21
2
outgoing domu network dies after a while
...howmacs &
on the switch)
What bothers me most is that it worked fine up until Sunday. I was even
out of town for a few days before so I didn''t change anything.
Also, why does it work for a while after reboot?
My setup is not that strange. I have one domu as firewall and another in
two DMZs so I have my own network-bridge script that calls the stock
opensuse script
for i in $(seq 0 4); do
$dir/network-bridge "$@" vifnum=$i netdev=eth$i bridge=xenbr$i
/usr/sbin/ethtool -K eth$i tx off
done
and this gives
# brctl show
bridge name bridge id STP...
2004 Aug 06
0
Impossible to connect to ANY yp server
...ord ....
http_admin 1
#icydir www.oddsock.org
#icydir yp.shoutcast.com
#icydir yp.breakfree.com
#icydir yp.musicseek.net
#icydir yp.van-pelt.com
#icydir yp.radiostation.de
#directory www.oddsock.org:80/cgi-bin/yp-cgi
directory yp.icecast.org
#directory yp.mp3.de
#directory yp.dmzs.com
#directory icecast.linuxpower.org
touch_freq 5
hostname ormgas.com
port 8000
port 8001
server_name ormgas.com
force_servername 1
logfile icecast.log
accessfile access.log
usagefile usage.log
logfiledebuglevel 0
consoledebuglevel 0
console_mode 3
client_timeout 30...
2009 Jan 25
1
SCP Remote-To-Remote?
...ote to Remote support.
And wondering if there was any plans to add this into OpenSSH?
Specifically I am talking about this e-mail:
https://lists.mindrot.org/pipermail/openssh-unix-dev/2005-May/022953.html
The situation I find myself in is I can SSH into two of our servers
sitting in two different DMZs from out Bastion host, however the two
servers are unable to contact each other, nor are they able to SSH
back to the Bastion host. Of course since this is a BH, it has no
locally writable space so I am unable to copy them locally.
The "tar" solution in the above e-mail works, albeit a...
2006 Jan 23
0
Help configuring firewall
...with six network cards. eth0 is the
internal network, eth1 is a kiosk network, eth2 is a DMZ/wireless
network. On the outbound side, eth3 is a DSL connection and eth4 is a
cablemodem connection.
What I am trying to do is route all internal traffic out the DSL
connection (eth0 to eth3), and the two dmzs, kiosk and wireless out the
cable connection (eth1 and eth2 to eth4). Thus far as I have been unable
to get this to work.
For the sake of the discussion, the internal network is 10.1.1.0/24, the
kiosk is 172.16.1.0/24 and the dmz/wireless is 192.168.1.0/24. The dsl
line is 1.2.3.4 and the cable li...
2004 Jul 21
1
[Bug 904] Better support for multi hop ssh/scp/sftp and anonymous port forwarding
...Version: -current
Platform: All
OS/Version: Linux
Status: NEW
Severity: enhancement
Priority: P2
Component: ssh
AssignedTo: openssh-bugs at mindrot.org
ReportedBy: slice1900 at hotmail.com
A lot of people use SSH for DMZs, and thus you have to ssh through several hosts
(4 hops through one environment I'm familiar with!) It would be nifty to see
syntax something like:
ssh user1 at hop1/hop2/hop3/user4 at hop4 reboot
This would ssh to hop1 as user1, then to hop2 as user1, then to hop3 as user1
and then hop4 as...
2007 Jul 03
15
Puppet as a push model
I just started digging into puppet and it looks like puppet is using a
pull model. You have a master server and clients talk to it to get
config info.
Is anyone out there using a push model? If not, why not? Are there
security reasons you would use one over the other?
It seems that cfengine also uses a push model, so I wondered if this is
a "standard" or if there are specific
2015 Feb 03
2
Another Fedora decision
On Tue, 2015-02-03 at 13:16 +1100, Kahlil Hodgson wrote:
> A DMZ in this context is a network that has been isolated from the
> rest of your local network. You can access it from your local
> network, it can access the rest of the world, but it can't access your
> network. The idea is that, if a machine in the DMZ is compromised, it
> can only access other machines in the
2010 Aug 09
2
Setting up webmail in DMZ
I have a Smoothwall server on my network and am running three network
interfaces off it.
1) local LAN 192.168.0.0 with PCs and an internal dovecot server on
192.168.0.154.
2) internet interface
3) DMZ 192.168.2.0 which has a linux web server 192.168.2.1 on which I
want to install a webmail so I can access my email remotely.
Originally 192.168.2.1 couldn't see the 192.168.0.0 network but with
2004 Nov 05
6
A distro around Shorewall
Hi all,
Currently at work we use a commercial product called "Gnatbox", which, I
believe, is a BSD derivative running on a floppy disk. They have a pretty
UI and all, but I''d feel much safer/happier with a GNU/Linux box and
Shorewall doing the same thing.
In fact, I''m doing something very close to this at home using Openwrt and
Shorewall on my WRT54G router, but I
2002 May 17
19
Shorewall 1.3 Beta 1
The 3.1 Beta is now available -- check the Shorewall home page.
--
Tom Eastep \ Shorewall - iptables made easy
AIM: tmeastep \ http://www.shorewall.net
ICQ: #60745924 \ teastep@shorewall.net
2009 Feb 04
2
More complex Xen Networking, with VLANs and maybe with VDE 2... but how?!
--- In english ---
Hello!
I am to implement a new architecture of the network in my company but I do
not know right where to start ... need help!
Currently 90% of my servers are virtual machines under Xen. I have many
valid IP networks and all Hypervisors are configured in bridge mode, to
simplify. We have 3 VMWare ESX Hypervisor also in bridge mode.
Some networks are exclusive to certain
2004 Aug 06
2
status2.xsl info...
Quick thought, if the fields are separated by "," & a title/artist/.. has
a comma in it then it causes a few problems with parsing.
Likewise if there are multiple streams it might be nice to have each stream in it's own line so it is easier to grab the info.
Also, status.xsl displays streams even after they have been stopped.
dmz
--- >8 ----
List archives: