dmz

Accessing WCF Service using TCP from the DMZ (not on network or domain)

99封情书 提交于 2020-01-06 08:20:09
问题 We have a DMZ where we host an IIS website which in turn communicates to our "app" server (also IIS) WCF services using TCP. When we are on the domain and in the network this works fine. When we try to access the services from the DMZ we get a "cannot handle anonymous" user exception. Accessing the app server directly works fine. Any suggestions on the best way to configure the security between the DMZ and the app server? Thanks. KJQ 回答1: netTcpBinding default to using Windows credentials so

What is DMZ in networking?

自古美人都是妖i 提交于 2019-12-23 07:26:41
问题 I have to configure a Java application which is hosted in side a corporate network. So what is DMZ and how to get through to expose the services? 回答1: DMZ (network): In computer security, a DMZ, or demilitarized zone is a physical or logical subnetwork that contains and exposes an organization's external services to a larger untrusted network, usually the Internet. The term is normally referred to as a DMZ by IT professionals. It is sometimes referred to as a Perimeter Network. The purpose of

Firewalld防火墙高级实验

天涯浪子 提交于 2019-12-06 08:49:10
Firewalld实验 实验拓扑图 需求分析 (1)公司内网用户需要通过网关服务器共享上网 (2)互联网用户需要访问网站服务器 (3)只允许192.168.1.0/24ping网关和服务器 (4)网站服务器和网关服务器均通过SSH来远程管理,为了安全,将SSH默认端口改为12345,只允许192.168.1.10主机SSH网关和服务器,允许互联网SSH内部服务器 这次实验我们需要四台虚拟机,我们把Centos7 64位作为网关服务器。 Centos7-2作为企业内网测试机,Centos7-3作为网站服务器,Centos7-4作为internet测试机。 一、设备准备 首先在虚拟机Centos7-3,和Centos7-4上安装httpd服务 1.1、在Centos7 64位创建3块网卡,做静态,网卡1绑定VMnet1,为信任区域,网卡2绑定VMnet2,为DMZ区域,网卡3绑定VMnet3.为外部区域。 1.2、设置网卡地址, 网卡33,设为外部网络,IP地址为100.1.1.10 255.255.255.0 网卡36,设为信任网络,IP地址为192.168.10.1 255.255.255.0 网卡37,设为DMZ区域网络,IP地址为192.168.20.1 255.255.255.0 [root@localhost ~]# cd /etc/sysconfig/network

2分钟看懂DMZ区

我的未来我决定 提交于 2019-12-05 19:23:08
1、DMZ是什么? 英文全名“Demilitarized Zone”,中文含义是“隔离区”。在安全领域的具体含义是“内外网防火墙之间的区域”。 2、DMZ做什么? DMZ区是一个缓冲区,在DMZ区存放着一些公共服务器,比如论坛等。 用户要从外网访问到的服务,理论上都可以放到DMZ区。 内网可以单向访问DMZ区、外网也可以单向访问DMZ区。 3、为什么设置DMZ区? 为了安全(哈哈!)。做个假设,如果你公司的内网可以从互联网被访问的话,那么还存在什么安全?但是有些对外的服务还必须要能够从外网进行访问,在这种情况下“DMZ区”就应运而生了。 DMZ区是一个区域,她提供了对外服务器存放的位置, 有了安全,也有了方便 。通过下面DMZ区布置图可以加深理解: 1防火墙设置 2防火墙设置 作者:持之1恒 链接:https://www.jianshu.com/p/8580587c3201 来源:简书 著作权归作者所有。商业转载请联系作者获得授权,非商业转载请注明出处。 来源: https://www.cnblogs.com/cxyc005/p/11941426.html

Contact Active Directory with SSL

喜你入骨 提交于 2019-12-04 02:06:22
问题 I have a method that validates user credentials against Active Directory. I would like to use this method with SSL but I can't get it to work. The main problem is that I have a server that are outside of our network (is it called DMZ?). And from there I wanna contact my active directory, and that's why I want to use SSL. When using this on my local computer (not from DMZ) I get this error: System.DirectoryServices.AccountManagement.PrincipalServerDownException: The server could not be

Contact Active Directory with SSL

怎甘沉沦 提交于 2019-12-01 12:53:06
I have a method that validates user credentials against Active Directory. I would like to use this method with SSL but I can't get it to work. The main problem is that I have a server that are outside of our network (is it called DMZ?). And from there I wanna contact my active directory, and that's why I want to use SSL. When using this on my local computer (not from DMZ) I get this error: System.DirectoryServices.AccountManagement.PrincipalServerDownException: The server could not be contacted. ---> System.DirectoryServices.Protocols.LdapException: The LDAP server is unavailable. at System