RE: Allowing secure external access.

From: Russell Morrison (rmorrison@axys.net)
Date: 10/29/02 

From: "Russell Morrison" <rmorrison@axys.net>
To: "'Shaolin Tiger'" <shaolin@shaolin-tiger.com>, <security-basics@securityfocus.com>
Date: Tue, 29 Oct 2002 10:20:04 -0700

Have a look at www.expertcity.com for the GoToMyPC product which does
not require you to open up an inbound connection and still requires the
remote user to login to the internal network once they connect using
various passwords. Pretty cool product.

HTH

Russell

-----Original Message-----
From: Shaolin Tiger [mailto:shaolin@shaolin-tiger.com]
Sent: October 28, 2002 12:27 PM
To: security-basics@securityfocus.com
Subject: Allowing secure external access.

Hi all,

Just a quick query really..I'm pretty new to allowing people to come in
from outside, I usually spend most of my time trying to stop them ;)

I need to allow access to our internal database and application to the
sales manager who spends all his time outside..

I have an IPCop firewall which I believe has some VPN support, but only
supports end to end connections, like 1 IPCop box to another, as far as
I can understand from reading the docs.

I know in 2k and XP you can choose VPN when creating a new connection in
network settings and enter a server IP but I don't think this would work
with the IPCop machine.

The sales guy will be using an XP laptop.

The other option I thought of is having a dedicated machine inside using
VNC or something and a port forward, but I don't think this is very
secure.

We do have terminal services on our PDC but it is allready overloaded
and I wouldn't wish to put this extra burden on it...it may just give
up.

What other options do I have? Preferably free, or cheap and secure to
put my mind at rest opening up a hole in the firewall.

Any suggestions appreciated.

Shaolin

.: http://www.security-forums.com :.

         Share your knowledge
          It's a way to achieve
                Immortality.

Relevant Pages

  • Shed quote maybe than twist with Nellys orthodox jam.
    ... They are terming relative to the examination now, won't secure ... Just recruiting round a consumption despite the archive is too ... Let's may in connection with the gradual labs, ... Satam will across claim them on you. ...
    (sci.crypt)
  • Re: Please help us with a fraud situation
    ... You won't have a 100% secure connection. ... I don't think you loose your informations only on the internet connection. ... Dont open attachments or emails from anyone you dont know ...
    (comp.security.firewalls)
  • Re: Ping Dr Who
    ... :I am able to use your advice and make secure connection to easynews on ... How do you know your connection to Cotse is secure? ... For total security you should use Tor to access Cotse. ...
    (alt.privacy)
  • Re: Limit Broadband DSL usage at home
    ... I have a DSL connection, the day time download ... Invest in an old PC with two NIC cards and install IPCOP on ...
    (uk.telecom.broadband)
  • Re: Modify UserPassword attribute in ADAM
    ... I try to do it for my test> adam ... With>> default settings we require that you perform password operations over a>> secure channel. ... >> 0) Perform over SSL connection ... >>> account and have join this accont to administrators group ...
    (microsoft.public.windows.server.active_directory)