similar to: DMZ Kerberos authentication, is Samba needed or helpful?

Displaying 20 results from an estimated 30000 matches similar to: "DMZ Kerberos authentication, is Samba needed or helpful?"

2003 Oct 22
2
help seeing DMZ from LOC
I have a three interface network (net,loc,dmz). The internet interface (eth0) has a static IP. Windows machine in the local network (eth1) use DHCP to get IPs from the 192.168.10.0/24 netblock. The Debian machine in the DMZ (eth2) gets a fixed IP through DHCP in the 192.168.11.0/24 netblock. The DHCP server is running on the firewall machine (not ideal, I know, but that''s the way
2004 Nov 01
2
dmz setup
I am trying to add a machine into my dmz. It is the first machine I''ve ever added to this dmz and fro some reason I cannot establish communication between the dmz and the machine. Here is an example of my setup: ISP router --> firewall (eth0) firewall (eth1) --> local network firewall (eth2) --> DMZ eth0 and eth2 have public IP addresses as does the machine I just added to
2006 Dec 09
2
Client behind firewall
Hey, I have a Compaq T2000 UPS that I use to power my firewall, dmz, and two internal machines and I've just started implementing UPS monitoring to shut the systems down in the event of an outage instead of relying on me, but I've run into a snag. Reading the documentation, it seems the client has to contact the server. The problem is I really don't want to open a port form the
2003 Jan 13
4
DMZ hosts gateway
Hi everyone, I have a question regarding the default gateway for hosts on DMZ zone. I moved servers from parallel to the DMZ (outside the firewall, directly connected to I-net) to inside DMZ. The default gw for these servers was the DSL router(bridge) of my ISP. What should be the default gw (for the hosts inside the DMZ), when hosts are inside the DMZ now - still the DSL router (external
2003 Jan 02
1
mail server in dmz
Hi, in a three interface firewall I have eth0, loc, 10.1.5.1/16 eth1, int, 200.41.61.228/29 eth2, dmz, 192.168.1.1/24 (un)fortunately I got a group of public ip?s to use, so here is my problem in the dmz I have 192.168.1.3 redirected from eth1 alias 200.41.61.226 (a web server, works perfect). I am trying to set up a mail server also, a different machine, so I can?t use proxyarp, as with this,
2002 Dec 31
1
Big Brother with Shorewall loc dmz zones?
How would I use Big Brother with Shorewall and my loc and dmz zones to monitor hosts in both zones? If Big Brother''s server is on my LAN (loc) is it "safe" to forward the bb port from the dmz to the LAN? What would the security risks of this be? Common sense says that it may not be a good idea to forward stuff from the dmz to the LAN, but I''m inexperienced and unsure
2005 Jun 16
1
RE: Setting up a routed DMZ -CLOSED
My sincere apologies to all on this list. After looking for returning packets with tcpdump and not finding ANY I called our provider to confirm our IP assignment. The IP range that I was given by my boss was incorrect. After adjusting the ip assignments, everything is working perfectly. Thank you all for your time in troubleshooting this, and I hope to be able to return the favor at some
2004 Aug 22
6
LAN to DMZ zone issues.
Hello all, Name is Andrew and in desperate need of some info. Setup: - Mandrake 9.1 with three interfaces (eth0 --> WAN) C-class /28 network (with tree virtual addresses which I am DNAT-ing to the DMZ) (eth1 --> LAN) A-class 10.0.0.0/8 (eth2 --> DMZ) A-class subnet 10.1.123.0/24 - Running stock Shorewall ver: shorewall-1.3.14-3.1.91mdk Dilemma: - LAN can not access the DMZ zone
2007 Jul 26
2
DMZ and LOG
Hello !! I ve just install shorewall-common and shorewall-shell I can''t defined a network using the CIDR format for my DMZ in /etc/shorewall/hosts fast eth2:172.17.0.0/16 epac eth2:172.18.0.0/16 fsa eth2:172.19.0.0/16 bu eth2:172.20.0.0/16 recto eth2:172.21.0.0/16 dmz eth1:81.91.225.224/27 I receive this error: ERROR: Invalid zone definition for
2005 Feb 28
6
Trouble w/ transparent proxy in DMZ (fwmark, tc)
2004 Jul 27
2
icmp traceroute from dmz behind proxy-arp - icmp code 11 ?
hello there, im running a 3interface inet, dmz, loc. i have some public ip addresses. one public address is the router of the provider, the second one is the linux box running shorewall. all other public interfaces are on the dmz nic with proxy-arp. now whenever i do a traceroute (the dmz boxes are windows, icmp traceroute) the very first hop gets timeout/stars, then the router of the provider
2005 Jan 18
4
DMZ Recommendations
From reading the documentation, I understand that it is recommended to put servers that may be at risk in a DMZ served via proxy-arp. In this case, the local clients that are behind a NAT would have their connections to the DMZ masqueraded, yes? Is there any way around this that would still be considered secure? Just looking for advice. Thanks, A.
2002 Aug 20
2
Poor Mans DMZ
Tom, I have used Shorewall now for 4-5 weeks and I''m really impresssed by the power and flexibility of the package. I''m running Two-Interface Firewall with a MASQ''ed Shorewall (on SUSE 8.0) to protect my LAN (5 WIN XP''s and a WIN2K Server acting as PDC). The Shorewall Linux box has two NIC''s (eth0 to Internet and eth1 to my LAN Switch) and is also
2005 Apr 12
8
SMTP / DMZ
Hi Guys, I have been trying to configure shorewall 1) Internet Access to internal users 2) Have a DMZ that will house atleast 6 mail / web / ftp servers that will server our existing group companies outside our physical location. 3) Setup openvpn between our location and our group companies . What i have done so far is : - Created the 3 zones with the IP ranges as below. DMZ:172.16.10.x
2008 Aug 14
1
[OT] VPN/DMZ best practices
There is such a wealth of knowledge and personal experience on this list that I'd like to get your opinions on our current situation. Currently, we have a simple tri-homed firewall with the internal network on one interface, the dmz on another, and the dirty internet on the last. Also, there is a spare interface on the box which is unused. We use CentOS and manually maintain our rule sets
2005 Jun 16
5
Setting up a routed DMZ
Hello all, I''ve read the shorewall guides and browsed through the mailing lists, but I haven''t been able to find out if the following is possible or not using shorewall. Our provider has given us 16 IPs + 4 in a separate range for our uplink. I would like to replace that router with a Linux box running shorewall with three interfaces. I want the DMZ to be a standard, routed
2024 Dec 13
1
RODC in DMZ
On Fri, 13 Dec 2024 10:14:27 +0100 Ilias Chasapakis forumZFD via samba <samba at lists.samba.org> wrote: > Dear all, > > We (me and colleagues) were considering setting an RODC in our DMZ > for some authentication related questions. > > We were curious about any suggested best practices for those cases. > > We also notice that there are quite a lot of ports to
2004 May 17
1
Mail Server in the DMZ question
Been trying to puzzle through a firewall layout here involving E-Mail. Would have thought this was a more common kind of scenario, but I haven't been able to Google me up an answer to this one. At present I have an SMTP server (Postfix) in my DMZ that is simply re-routing mail into my secure network. This is a less than optimal setup simply due to having to allow traffic from the DMZ
2024 Dec 13
1
RODC in DMZ
Dear all, We (me and colleagues) were considering setting an RODC in our DMZ for some authentication related questions. We were curious about any suggested best practices for those cases. We also notice that there are quite a lot of ports to open vs. the ADs. * TCP 88 (Kerberos Key Distribution Center) * TCP 135 (Remote Procedure Call) * TCP 139 (NetBIOS Session Service) * TCP 389
2004 Nov 26
3
[OT] - Problem in DMZ
Hi everyone, Sorry for asking OT here, but I need your expertise :-) I am running a standard 3 I/F net, dmz, loc Shorewall 1.4.7 on a RH 9 server In the DMZ I have a web shop running with DNAT from the external address to the DMZ - this all works I want to add a develop server in the DMZ with external access so I set this up as per the live server and from internal network it works, but from