[Courses] [Security] Firewall theory -- UDP and nameservers
hobbit at aloss.ukuu.org.uk
hobbit at aloss.ukuu.org.uk
Fri Mar 22 14:14:35 EST 2002
On Thu, Mar 21, 2002 at 02:16:09PM -0500 or thereabouts, Raven, corporate courtesan wrote:
> Heya --
>
> Quoth hobbit at aloss.ukuu.org.uk (Wed, Mar 20, 2002 at 01:31:11PM +0000):
> > Of those, I think it's the last suggestion. I asked my husband. And
> > didn't understand it well enough to relay here without garbling it.
>
> Okay, this makes sense to me. This sort of setup, where you
> have the outside world (totally untrusted), a firewall, a sort of
> semi-trusted area, another firewall, and then your internal network is
> commonly called a DMZ. That's short for demilitarized zone -- the term
> was stolen from the military. [grin] It allows you to run servers and
> services that have to access the public Internet in possibly threatening
> ways, and not have your internal workstations trusting them entirely.
I gather 'firewall' is a military term originally, too. Never known
what it means in that context. I can't think of many things which
sound pleasant that it might be.
> That, and also that (I am assuming) y'all set up and maintain
> both the firewalls and the nameserver. When you control a box, it's a
> lot easier to decide what sort of traffic it can send and recieve.
Yeah. I had nothing to do with either, and I hadn't realised that
firewall 1 was there and doing that until I saw the diagram.
> Does that make sense?
It made beautiful sense. Thank you!
The only thing I'm not sure about now is what this NAT stuff is.
This is probably a bad time to ask. I should have mentioned this
the first time it came up. I intended to go and find out. And I
forgot. So I'll ask now before suddenly it shows up in every
future email or something.
Telsa
More information about the Courses
mailing list