Go Back   nV News Forums > Software Forums > Networking And Security

Newegg Daily Deals

Reply
 
Thread Tools
Old 10-22-07, 09:24 AM   #1
DiscipleDOC
 
DiscipleDOC's Avatar
 
Join Date: Dec 2002
Location: Alabama, Planet Earth
Posts: 5,993
Default Here's one for the Network Admins

I am on the verge of redoing my entire network. I uploaded a generic topography of how I want it to look, but something is not clicking....I'm thinking that I got the firewall misplaced...but I am still puzzled.

Can you guys give me some suggestions?

Last edited by DiscipleDOC; 01-18-11 at 10:49 PM.
DiscipleDOC is offline   Reply With Quote
Old 10-22-07, 09:33 AM   #2
evilghost
Registered User
 
Join Date: Jul 2005
Posts: 3,606
Default Re: Here's one for the Network Admins

It's correct. No need for a DMZ, firewall has to sit behind the router unless the router itself is capable of firewalling.
evilghost is offline   Reply With Quote
Old 10-22-07, 10:02 AM   #3
DiscipleDOC
 
DiscipleDOC's Avatar
 
Join Date: Dec 2002
Location: Alabama, Planet Earth
Posts: 5,993
Default Re: Here's one for the Network Admins

Quote:
Originally Posted by evilghost
It's correct. No need for a DMZ, firewall has to sit behind the router unless the router itself is capable of firewalling.
Well, if I may have to add a DMZ later, because I will use this same scheme for our china location...and they do a lot of FTP uploads.


Speaking of FTP, where would be a good place to insert it?
DiscipleDOC is offline   Reply With Quote
Old 10-22-07, 10:15 AM   #4
evilghost
Registered User
 
Join Date: Jul 2005
Posts: 3,606
Default Re: Here's one for the Network Admins

Quote:
Originally Posted by DiscipleDOC
Speaking of FTP, where would be a good place to insert it?
Right into /dev/null, FTP isn't secure, consider using SSH with scp/sftp, there are Win32 versions that support AD authentication.
evilghost is offline   Reply With Quote
Old 10-22-07, 10:28 AM   #5
DiscipleDOC
 
DiscipleDOC's Avatar
 
Join Date: Dec 2002
Location: Alabama, Planet Earth
Posts: 5,993
Default Re: Here's one for the Network Admins

Quote:
Originally Posted by evilghost
Right into /dev/null, FTP isn't secure, consider using SSH with scp/sftp, there are Win32 versions that support AD authentication.
Yea...I know how insecure FTP is, but they (my company) have customers all over the world using it. Security is not a priority on the FTP box, just as long as I can keep people out of the rest of my network.
DiscipleDOC is offline   Reply With Quote
Old 10-23-07, 10:54 PM   #6
Absolution
AbsoUI
 
Absolution's Avatar
 
Join Date: Dec 2004
Posts: 933
Default Re: Here's one for the Network Admins

Quote:
Originally Posted by DiscipleDOC
Yea...I know how insecure FTP is, but they (my company) have customers all over the world using it. Security is not a priority on the FTP box, just as long as I can keep people out of the rest of my network.
thats a rather broad statement, it depends on what ftp service your using, if your worried about security, try vsftpd
Absolution is offline   Reply With Quote
Old 10-24-07, 04:24 PM   #7
ricercar
fugue master
 
ricercar's Avatar
 
Join Date: Oct 2002
Location: silicon valley
Posts: 1,603
Arrow Re: Here's one for the Network Admins

Get a switch, not a hub. A hub is slower than a switch. A switch is more efficient than a hub. A switch lives on an entirely different layer of the OSI stack than a hub.

A hub broadcasts every packet to all connections. This effectively means one device cannot talk until all other devices have stopped shouting. Packet collision errors (requiring retransmission) are common. Imagine a hub as a 4-way intersection with no stop signs. Cheap and low maintenance. Lots of traffic makes for a very bad situation.

A switch routes a packet only to the device that it is intended for. Many conversations can occur at the same time. Packets rarely collide. Imagine the switch as a competent traffic cop in this 4-way intersection. Traffic may have to wait for a turn, but everyone gets a fair turn.
__________________
I used to drive a Heisenberg, but whenever I'd glance at the speedometer, I'd get lost.
ricercar is offline   Reply With Quote
Old 10-24-07, 07:37 PM   #8
evilghost
Registered User
 
Join Date: Jul 2005
Posts: 3,606
Default Re: Here's one for the Network Admins

CSMA/CD in the house!
evilghost is offline   Reply With Quote

Old 10-30-07, 12:22 PM   #9
DiscipleDOC
 
DiscipleDOC's Avatar
 
Join Date: Dec 2002
Location: Alabama, Planet Earth
Posts: 5,993
Default Re: Here's one for the Network Admins

Quote:
Originally Posted by ricercar
Get a switch, not a hub. A hub is slower than a switch. A switch is more efficient than a hub. A switch lives on an entirely different layer of the OSI stack than a hub.

A hub broadcasts every packet to all connections. This effectively means one device cannot talk until all other devices have stopped shouting. Packet collision errors (requiring retransmission) are common. Imagine a hub as a 4-way intersection with no stop signs. Cheap and low maintenance. Lots of traffic makes for a very bad situation.

A switch routes a packet only to the device that it is intended for. Many conversations can occur at the same time. Packets rarely collide. Imagine the switch as a competent traffic cop in this 4-way intersection. Traffic may have to wait for a turn, but everyone gets a fair turn.
Yup...I changed that to a managed switch.
DiscipleDOC is offline   Reply With Quote
Old 12-04-07, 05:05 PM   #10
esaym
Friendly Guy
 
Join Date: May 2007
Location: USA
Posts: 62
Send a message via AIM to esaym
Default Re: Here's one for the Network Admins

Alot of diagrams here: http://community.smoothwall.org/foru...ic.php?t=10709
esaym is offline   Reply With Quote
Reply


Thread Tools

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Forum Jump


Similar Threads
Thread Thread Starter Forum Replies Last Post
The Giant Stirs: Zynga Shows Social Network, Farmville 2 News Archived News Items 1 06-29-12 04:07 AM
Tiny Georgia telco files first network neutrality complaint News Archived News Items 0 05-22-12 06:40 PM
nvidia: using adaptive network models, indiv's are rep'd as nodes on a network w/ edg News Archived News Items 0 05-16-12 09:00 PM
My Gig network :D Rakeesh Benchmarking And Overclocking 9 05-01-12 05:35 PM
redhat 8 nforce network success cd21 NVIDIA Linux 2 10-07-02 08:48 PM

All times are GMT -5. The time now is 07:42 PM.


Powered by vBulletin® Version 3.7.1
Copyright ©2000 - 2014, Jelsoft Enterprises Ltd.
Copyright 1998 - 2014, nV News.