[prev in list] [next in list] [prev in thread] [next in thread] 

List:       firewalls-gc
Subject:    Re: Secure Telneting into a internal network
From:       Jeff Simms <jsimms () auracom ! com>
Date:       1997-01-30 13:43:09
[Download RAW message or body]

Allen D. Harpham wrote:
> 
> Hi All,
> 
> Whats a safe way to allow people to telnet into a network past a firewall
> from the Internet?
> 
> I have a client that if possible, needs to allow employees to dial up a
> local ISP and telnet net into their internal network over the Internet.
> 
> We have a packet filtering router setup now, and have proposed adding a
> proxy server in addition to the packet filter.
> 
> I have warned them that allowing any telnet sessions in would be a big
> hole in the firewall, but they would like to pursue this further.
> 
> Any suggestions?
> 
> TIA, Allen
> 


Allowing ppl to telnet into your network through the firewall isnt a
security risk as long as the firewall can deal with it.  If the firewall
is using circuit-level gateways, which it should be if its a decent
firewall, and the authentication on inbound access is enforced using
one-time password tokens then their shouldnt be a problem.  

Jeff Simms
Network Services Manager
auracom Internet Services

[prev in list] [next in list] [prev in thread] [next in thread]