Internet
|
|
|
Firewall-----DMZ
|
|
|
internal network
My company has a Win2003 + ISA network with 100 PCs, and we are trying to add our first mail server (M$ Exchange) to our network. I searched the Internet on the things I need to know and I found this "three-legged firewall" setup. This is the partial explanation on Wikipedia: The point of a DMZ is that connections from the internal and the external network to the DMZ are permitted, whereas connections from the DMZ are only permitted to the external network — hosts in the DMZ may not connect to the internal network.
I am confused here. If the DMZ may not connect to the internal network, how do the PCs in the internal network fetch data such as emails from the DMZ? If the DMZ is allowed to connect to the internal network, how does the DMZ protect the internal network? Hackers can still follow the data traffic that flows from the Internet to the DMZ and then to the internal network, and hack into the internal network, right?
Hi, everyone ^_^

Yup, it's just like you said, DMZ can connect to external but not internal, however internal network can connect to DMZ.
This is normally done w/ stateful filtering.
i.e.:
If the SYN comes from private side -- then allow
If the SYN comes from DMZ side -- then deny

DMZ is outside the internal firewall and is not protected by same, thus preventing access to the internal network while still allowing for outside connectivity.
Life is more painless for those who are brainless.

Since neither of those guys explained "how" it works but rather "why" it works :), try this: http://neworder.box.sk/newsread.php...
Sometimes I think I understand everything, then I regain consciousness

Let me set this straight:
1) DMZ will not send any unasked data to the internal network.
2) DMZ will not initiate any connection to the internal network.
3) DMZ will only respond to the internal network when the internal network makes a request to the DMZ.
If those three points are true, can I make the following assumption:
I have an SMTP relay server in the DMZ (let's call it server1), and an Exchange server in the internal network (let's call it server2).
1) All the incoming emails from outside of my company will be stored on Server1.
2) Server1 will only send the emails to server2 when server2 makes a request to server1 for the new incoming emails.
Hi, everyone ^_^
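As an added illustration (not code from this thread), here is a small stateful filter in Python that implements the "allow the SYN from the private side, deny the SYN from the DMZ side" rule from the earlier reply and walks it through the SMTP relay / Exchange scenario above. The address ranges, host addresses and the published port 25 are constructed for the example.

```python
from ipaddress import ip_address, ip_network

# Constructed zones for the thread's three-legged layout (assumed address ranges).
ZONES = {"internal": ip_network("10.0.0.0/24"), "dmz": ip_network("192.168.100.0/24")}

def zone_of(ip):
    addr = ip_address(ip)
    for name, net in ZONES.items():
        if addr in net:
            return name
    return "external"

# Which zone may open (send the SYN for) a new connection to which.
# ("dmz", "internal") is deliberately absent: the DMZ never initiates inward.
ALLOWED_NEW = {("internal", "dmz"), ("internal", "external"),
               ("dmz", "external"), ("external", "dmz")}
PUBLISHED_DMZ_PORTS = {25}  # assumed: only the SMTP relay is reachable from the Internet

class StatefulFilter:
    def __init__(self):
        self.flows = set()  # (src, sport, dst, dport) of accepted connections

    def decide(self, src, sport, dst, dport, syn):
        key = (src, sport, dst, dport)
        if not syn:
            # Non-SYN packet: allow only if it belongs to a flow we already accepted,
            # in either direction. This is how the DMZ relay's answer reaches the internal host.
            if key in self.flows or (dst, dport, src, sport) in self.flows:
                return "ALLOW"
            return "DENY"
        s, d = zone_of(src), zone_of(dst)
        if (s, d) not in ALLOWED_NEW:
            return "DENY"          # e.g. a SYN from the DMZ towards the internal network
        if s == "external" and dport not in PUBLISHED_DMZ_PORTS:
            return "DENY"          # the Internet may reach only published DMZ services
        self.flows.add(key)
        return "ALLOW"

def demo():
    fw = StatefulFilter()
    return [
        fw.decide("10.0.0.5", 40000, "192.168.100.10", 25, syn=True),     # Exchange -> relay
        fw.decide("192.168.100.10", 25, "10.0.0.5", 40000, syn=False),    # relay's reply
        fw.decide("192.168.100.10", 40001, "10.0.0.5", 25, syn=True),     # relay -> Exchange
        fw.decide("203.0.113.7", 5000, "192.168.100.10", 25, syn=True),   # Internet -> relay
        fw.decide("203.0.113.7", 5001, "192.168.100.10", 3389, syn=True), # unpublished port
        fw.decide("192.168.100.10", 40002, "203.0.113.7", 25, syn=True),  # relay -> Internet
    ]

if __name__ == "__main__":
    print(demo())  # ['ALLOW', 'ALLOW', 'DENY', 'ALLOW', 'DENY', 'ALLOW']
```

One caveat for a real deployment: an SMTP relay that pushes inbound mail to the internal Exchange server opens that connection itself from the DMZ, so it needs one narrowly scoped exception (relay host to Exchange host, port 25 only) rather than a general DMZ-to-internal allow.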
