Topic: Testing New Hardware Firewall With DMZ And Backup Server. (Read 3478 times)

tickmike · « **on:** July 29, 2012, 06:03:45 PM »

I built a new hardware firewall (Smoothwall ) with a DMZ on it so I could connect my backup server to the internet ready for my daughter going to uni in September ( It will automatically back her laptop data once a day and she will be able to access any other data she needs from home).
My last test on it was to connect it up for a live test of data to it via the internet, so I got my daughters laptop to download it's data to the sever via a secure ssh link.
The laptop was on my LAN hopefully sending the data out via the same firewall that the DMZ was connected to, there is only one port open to the internet for the DMZ and no ports open from my LAN to DMZ.

My question is, Was this data going out on to the internet and how far does it go eg. just to my ISP severs and back ?.

Edit. just to point out I have a set of fixed public IPaddress's.

burakkucat · « **Reply #1 on:** July 29, 2012, 07:10:44 PM »

Hmm . . . That has needed some thought and I'm still not fully convinced (just like you, TM). $:-\$

Assuming that I have a correct picture of the setup in my mind, I believe the data will have gone "as far out there" as was necessary before it could be directed to the device with that IP address. Hence your ISP's servers would seem to be the "turn around" point.

Suggestion. How about taking your daughter and her laptop to the nearest "McBurger" establishment and testing access from there?

tickmike · « **Reply #2 on:** July 29, 2012, 08:56:08 PM »

Quote from: burakkucat on July 29, 2012, 07:10:44 PM

Hmm . . . That has needed some thought and I'm still not fully convinced (just like you, TM). $:-\$

Assuming that I have a correct picture of the setup in my mind, I believe the data will have gone "as far out there" as was necessary before it could be directed to the device with that IP address. Hence your ISP's servers would seem to be the "turn around" point.

Suggestion. How about taking your daughter and her laptop to the nearest "McBurger" establishment and testing access from there?

It has been taxing my one brain cell

.
Yes I agree with your idea but I was thinking of one of our near neighbors or a relative.
I want to make sure before we pay her uni a visit soon as there IT chaps said they will help me with a live test on our visit.

burakkucat · « **Reply #3 on:** July 29, 2012, 11:53:40 PM »

Quote

Yes I agree with your idea but I was thinking of one of our near neighbors or a relative.

Why yes, anywhere you could obtain an Internet connection will do.

Would you like me to perform an nmap port-scan on your IP address? If yes, then send me a PM with the details and I'll set one going.

asbokid · « **Reply #4 on:** July 31, 2012, 05:38:42 PM »

Talking of nmap, a site called nmap-online.com just came to light. It offers to perform remote port scans. [1] It's a bit more configurable than Steve Gibson's ShieldsUp service. [2] ShieldsUp does not scan udp ports, for example.

cheers, a

[1] http://nmap-online.com
[2] www.grc.com/

News:

Author Topic: Testing New Hardware Firewall With DMZ And Backup Server. (Read 3478 times)

tickmike

Testing New Hardware Firewall With DMZ And Backup Server.

burakkucat

Re: Testing New Hardware Firewall With DMZ And Backup Server.

tickmike

Re: Testing New Hardware Firewall With DMZ And Backup Server.

burakkucat

Re: Testing New Hardware Firewall With DMZ And Backup Server.

asbokid

Re: Testing New Hardware Firewall With DMZ And Backup Server.