[ previous ] [ next ] [ threads ]
 From:  Christiaens Joachim <jchristi at oce dot be>
 To:  "'m0n0wall at adrianocastro dot net'" <m0n0wall at adrianocastro dot net>, m0n0wall at lists dot m0n0 dot ch
 Subject:  RE: [m0n0wall] Embedded PC: 2 vs 3 Ethernet Ports
 Date:  Fri, 29 Oct 2004 11:43:30 +0200
> -----Original Message-----
> From: Adriano Castro [mailto:m0n0wall at adrianocastro dot net]
> Sent: vrijdag 29 oktober 2004 8:08
> To: m0n0wall at lists dot m0n0 dot ch
> Subject: [m0n0wall] Embedded PC: 2 vs 3 Ethernet Ports
>      Hi,
>      First and foremost hi to every one. I'm a newbie to the list and 
> m0n0wall. I've been reading quite a lot about it and have been going 
> through the list as well.
>      I haven't tried m0n0wall yet but will do soon. I'll 
> probably start 
> off using an old PC and either a hard-drive or the CD-ROM 
> solution. But 
> the embedded PCs really interest me.
>      In the meantime, I've been reading about the latter ones 
> and don't 
> fully understand the need or use of a 3rd Ethernet port (as 
> in Soekris' 
> net4501-30 model). 2 ports make sense to me: WAN + LAN. I believe the 
> 3rd port is commonly used for DMZ, correct?
>      If this is the case it kind of confuses me because I'm used to 
> having DMZs set-up virtually.

These 'Virtual DMZ's' are really something different. I guess you mean the
'DMZ host' you select in the cheap linksys and other home-routers, but that
is something completely different.
The DMZ's I use, are to prevent a hacker from taking over my whole LAN, when
he gets to my Webserver or mail-reverse-proxy, who both are in the dmz.
Hosts placed in the DMZ only have very limited (or none at all) access to
the LAN. By now I think you can agree that doing that on the same interface
of the LAN completely defeats the purpose of a DMZ.

>      Can anyone enlighten me, please?
>      Terribly sorry if this question sounds awkward or even dumb but 
> there's a long way to go for me in the firewall/embedded PC world.
>      Thank you for your time and understanding.
>      AD


Océ enables its customers to manage their documents efficiently and
effectively by offering innovative print and document management products
and services for professional environments.

This e-mail message and any attachment are intended for the sole use of the
recipient(s) named above and may contain information which is confidential
and/or protected by intellectual property rights.
Any use of the information contained herein (including, but not limited to,
total or partial reproduction, communication or distribution in any form) by
other persons than the designated recipient(s) is prohibited.

If you have received this e-mail in error, please notify the sender either
by telephone (0032-2-729.48.11) or by e-mail and delete the material from
any computer.
Oce-Belgium/Oce-Interservices is nor responsible for the correct and
complete transfer of the contents of the sent e-mail, neither for the
receipt on due time.  This e-mail message does not bring about a contractual
obligation for Oce-Belgium/Oce-Interservices.

Thank you for your cooperation.

For further information about Oce-Belgium/Oce-Interservices please see our
website at www.oce.be