'RE: Secure Telneting into a internal network'

[prev in list] [next in list] [prev in thread] [next in thread] 

List:       firewalls-gc
Subject:    RE: Secure Telneting into a internal network
From:       "Derrick 'Red 5' Cole" <derrick.cole () ssds ! com>
Date:       1997-01-30 9:23:06
[Download RAW message or body]

There are at least two commercial offerings that provide the roaming user
an encrypted session back to the associated Internet firewall.  These
client "shims" are installed on the PC itself.  At least in one case, the
shim supposedly "knows" to encrypt session to the firewall while leaving
other sessions cleartext. 

You could also look at installing SSH on the firewall and obtaining a SSH
client.

Aside: Can/Will anyone comment on the... viability of SSH on a firewall?
Any gross/overt problems, other than "it's another exception, hence
another vulnerability"?

Thanks!
Derrick

On Wed, 29 Jan 1997, Allen D. Harpham wrote:

> Date: Wed, 29 Jan 1997 22:24:25 -0600 (CST)
> From: "Allen D. Harpham" <aharpham@cnweb.com>
> To: Firewalls@greatcircle.com
> Subject: RE: Secure Telneting into a internal network
> 
> Hi All,
> 
> Whats a safe way to allow people to telnet into a network past a firewall
> from the Internet?
> 
> I have a client that if possible, needs to allow employees to dial up a
> local ISP and telnet net into their internal network over the Internet.
> 
> We have a packet filtering router setup now, and have proposed adding a
> proxy server in addition to the packet filter.
> 
> I have warned them that allowing any telnet sessions in would be a big
> hole in the firewall, but they would like to pursue this further.
> 
> Any suggestions?
> 
> TIA, Allen 
> 
> ____________________________________________________________________________
> Allen D. Harpham, President   |     Voice:   (402)462-4619
> Computer Consultants of       |     Fax:     (402)462-4670
> Hastings, Inc.                |     E-mail:  aharpham@cnweb.com
> 1126 N. Briggs Ave.           |     HTTP:    http://www.cnweb.com
> Hastings, NE 68901-3713       | ____________________________________________
>                               | Custom programming, Network 
>                               | Design and Installation, 
>                               | Telecommunications Consulting,
>                               | Web Hosting Services
> ____________________________________________________________________________
> 

--
                             /             Derrick Cole (derrick.cole@ssds.com)
      ____/    ____/   ___  /    ____/    Suite 1000, Two Hannover Square
   ____  /  ____  /   /__/ /  ____  /    Raleigh, NC 27601-1764
 _______/ _______/ _______/ _______/    (919) 856-1441 Fax (919) 856-1455
 business-driven technology solutions             January 31st, 1997

[prev in list] [next in list] [prev in thread] [next in thread]
Configure | About | News | Add a list | Sponsored by KoreLogic