I realize that most security breaches are either caused by something or someone behind the firewall or by badly configured firewalls. But just how vulnerable is the firewall itself to external attack? Here are some scenarios:
1) ASL is set up to allow Webmin and SSH access only from the internal network, it has no open ports and it does not relay any external traffic (e.g., SMTP).
2) Same as 1 but ASL relays mail to a SendMail or QMail server in the DMZ.
3) Same as 1 but ASL allows access on port 80 to a web server in the DMZ.
4) Same as 1 but ASL allows road warrior access with a strong password.
Also, common wisdom (and ASL Office/Home version licensing) suggests placing all public servers on the same DMZ network. Wouldn't placing each server on a separate network (i.e., DMZ1, DMZ2, etc.) provide for a more secure environment?
In all cases, assume that there are no humans using the network or malicious code running behind the firewall.
Thanks.
Farid
Feeling paranoid from too much espresso and too little sleep.
This thread was automatically locked due to age.