Follow along with the video below to see how to install our site as a web app on your home screen.
Note: This feature may not be available in some browsers.
Yea. You shouldnt do that.Wolf-R1 said:Why the hell would you want to turn off your firewall???![]()
Scheizekopf said:Maybe he's trying to setup a server and wants to access it from outside the LAN. Then you just need to put it on the DMZ and forward the correct ports.
Why wouldnt you want to put it in the DMZ?StickyLoad said:That is incorrect. Don't put it in the dmz, you want to just forward the ports
Scheizekopf said:Why wouldnt you want to put it in the DMZ?
Exactly.Malk-a-mite said:Because it works the same as turning off the firewall to that computer.
Yeah. So? I have my computer in the dmz right now and I am just fine.Malk-a-mite said:Because it works the same as turning off the firewall to that computer.
It is just not good for security.jpmkm said:Yeah. So? I have my computer in the dmz right now and I am just fine.
Grizzle said:Dlink di-514
Can it be done?
If yes, how? The dmz?
jpmkm said:I'm sorry, I'm not quite understanding the security aspect here. I don't have anything running on my computer that I wouldn't have to set my router to forward. If I have vulnerable software running, it's going to get hit whether I have the port forwarded or I have my computer in the dmz. What is the difference? Should I really trust the $30 box more than my computer?
If I am running serviceX then it will be forwarded on my router. If it wasn't then I wouldn't be running it. I'd be screwed if I was forwarding it and I would be screwed if I was in the dmz.Malk-a-mite said:Since all the $30 dollar box does is work on routing and filtering, yes (debate about buying expensive vs. cheap goes here I know).
The question is if you can add a layer of protection to your computer would you? Packet filtering firewall is a layer of protection. If a month from now there is a new exploit in the wild and the IP scanners fire up looking for anyone running serviceX would you rather have a device that specifically blocks anything you didn't already allow to be forwarded or not?
jpmkm said:Suppose my computer is in the dmz, and it is running ssh server, apache, and vnc server. Other than those three daemons, how exactly will my computer get hit? I've always wondered this. Is it possible for somebody to do something to my computer not using a port I have open? I may be opening a door by putting my computer in the dmz, but there is a brick wall behind the door, and only a few bricks are removed.