Re: Remote telnet through firewall failing
From: Bill Vermillion (bv_at_wjv.com)
Date: 12/23/04
- Next message: NSM: "Re: default setting for tar"
- Previous message: brian_at_brie.com: "default setting for tar"
- In reply to: FyRE: "Re: Remote telnet through firewall failing"
- Next in thread: John: "Re: Remote telnet through firewall failing"
- Reply: John: "Re: Remote telnet through firewall failing"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Date: Thu, 23 Dec 2004 02:35:01 GMT
In article <t2vjs0pc8vc92o49hd769l2mhhismrdf98@4ax.com>,
FyRE <FyRE@toktik.d.co.uk.invalid> wrote:
>On Wed, 22 Dec 2004 11:35:41 -0500, John <ibis.john@rogers.com> wrote:
>
>[...]
>>I wish I could do this. I have Linux devices available on the
>>LAN on which I am building this server, but there will be none
>>on the end user LAN. The telnet problem required a solution,
>>partly because the only device on the ultimate destination site
>>which will be externally accessible will be the SCO system, but
>>mainly due to the nature of the client software involved.
>>I once was able to do what you described when there was a
>>FreeBSD NAT server present, but the site owner took it out to
>>put in a hardware firewall (ignoring my advice and overriding
>>my security concerns) and this option was lost. Even when I
>>did use this method, because of the nature of the some of the
>>client software involved which had very specific emulation and
>>connection requirements, this method would not serve 100% of the
>>time and direct telnet was still required for at least three of
>>the users.
>This is slightly puzzling. For one thing, the ssh tunnel will have no
>impact on the emulation used, and for another, it would look like a
>direct telnet connection (from the ssh server on the remote LAN) to
>the SCOG box. Never the less, if the company you're working for cannot
>spring for a few bucks for a linux/BSD box, or even source an old
>obsolete PC to save you sending sensitive information across the
>internet in plain text, then they deserve to have some 11 year old
>playing with their network. Hopefully you explained how ridiculous it
>is to force you to use an insecure means of connecting to them? By the
>way, if it's a new hardware firewall, doesn't it have VPN capabilites?
I used a machine that was going to be tossed as it was so slow and
limited. It's a FreeBSD running SSH and then the SCO can be
accessed by telent. The machine is a 233MHz PII, with 32MB RAM
and a 2GB drive.
And a '486 with a 500MB drive would work as well. Using a minimal
install I used an 800MB drive and found I had 400MB of free space
afterwards. I bet someone might pay you take away a system that
slow. That's probably cheaper than a SW firewall.
I set that up as the SW developer need to get into the SCO box and
I would not let it near the 'net the way it had been set up.
-- Bill Vermillion - bv @ wjv . com
- Next message: NSM: "Re: default setting for tar"
- Previous message: brian_at_brie.com: "default setting for tar"
- In reply to: FyRE: "Re: Remote telnet through firewall failing"
- Next in thread: John: "Re: Remote telnet through firewall failing"
- Reply: John: "Re: Remote telnet through firewall failing"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Relevant Pages
|
