Thread: Dmz

**toast** · 12-31-2006, 09:11 PM

Anyone know about this? and getting around it?

Need ideas.
T

**Moonbat** · 12-31-2006, 11:24 PM

It's pretty much a a middle-man between the 'internal network' (for instance, a compnay LAN) and an 'external network' (the Internet). It's kinda like a firewall. More information here.

[url]http://en.wikipedia.org/wiki/Demilitarized_zone_%28computing%2*[/url]

As for bypassing it, here is a pdf/powerpoint on the techniques used for this kind of thing.

[url]http://www.terena.org/activities/tf-csirt/meeting*/gowdiak-bypassing-firewalls.pdf[/url]

**toast** · 01-01-2007, 12:04 AM

I know all about the structure of dmz's (so the first is out the door), and the second link was what I found, which isn't what I'm looking for. See, I port scanned the guy with nmap. Now, his dmz allows only * ports. So, basically, my question really entitled was whether or not I treat it like a firewall now. (I know after the dmz is the compy's firewall, so it would be like bypassing two.)
Maybe I'm thinking to hard.

But thanks for the shot.
Anyone else?

Toast

**Moonbat** · 01-01-2007, 08:49 AM

Yeah, it's basically a second firewall.

**Ezekiel** · 01-01-2007, 11:10 AM

Originally Posted by toast

I know all about the structure of dmz's (so the first is out the door), and the second link was what I found, which isn't what I'm looking for. See, I port scanned the guy with nmap. Now, his dmz allows only * ports. So, basically, my question really entitled was whether or not I treat it like a firewall now. (I know after the dmz is the compy's firewall, so it would be like bypassing two.)
Maybe I'm thinking to hard.

But thanks for the shot.
Anyone else?

Toast

If it's just "one guy", then he probably doesn't use a DMZ. They're mostly for large companies which need to provide services to the net (mail server, DNS, website hosting) but don't want their internal network users to be accessible to the internet. He probably is behind a router and only forwarded * ports to his machine for certain services, which explains what you're experiencing.

Whether or not he has a DMZ, try entering his IP address into your browser to get into the router's web interface - some routers allow management from outside the LAN. If it doesn't work, try adding :8080 at the end, and if it comes up with a basic authentication password prompt, use [URL="http://www.phenoelit.de/dpl/dpl.html"]this list[/URL] to find the default password. Once you're in, you can forward all the ports you like.

**~~smart~fool~~** · 01-01-2007, 12:33 PM

I didnt think you could access the router outside the network. Probably the old ones only.

**toast** · 01-01-2007, 01:01 PM

Well, see, the guy Im doing all this to, is someone I know. And I was having the worst time just getting his compy to reply. So I asked him, and he gave me the clue that he has a dmz and all other interactions are forwarded to his lappy.
Thanks-

Toast

Edit: Nope the browser thing doesn't work....

Thread: Dmz

Thread Tools

Search Thread

Display

Dmz

Not really what I'm going for....

Posting Permissions