Dlink DMZ implementation

Hi,

I have a DLink router, and it has a setting for 1 PC to be placed in the DMZ. What I want to know is if that DMZ'd pc is isolated from the rest of the LAN. Say in event that that pc is compromised, can an attacker go on and invade other pc's on the LAN ?

Why I am asking is because I also have a CheckPoint hardware firewall. And it implements a seperate LAN for the DMZ, and cannot touch the regular LAN. It even has it's own DHCP.

 

Answering my own question.

I placed a pc into the dlink DMZ, and enabled SSHD. Then on another pc I was able to ssh into that dmz'd pc. So conclusion, the DLink dmz is not a separate lan, and a compromised dmz pc can connect to all other pc's and wreck havoc.

 

I thought putting a computer in DMZ meant to put it outside NAT protection.

 

DMZ is generally used for hosting servers, like web servers. It would still get an internal address from DHCP. So it is not 'outside NAT protection'. It should be a separate zone, where all the risky stuff is placed, like things that are prone to getting hacked.

 

ok, thanks.