RE: Allowing secure external access.
From: Tim Donahue (TDonahue@haynesconstruction.com)Date: 10/30/02
- Previous message: maillist: "RE: Interesting One"
- Maybe in reply to: Shaolin Tiger: "Allowing secure external access."
- Next in thread: Robert Sieber: "RE: Allowing secure external access."
- Next in thread: jklemenc@fnal.gov: "Re: Client to Client / Peer-to-Peer IPSEC Application ?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
From: Tim Donahue <TDonahue@haynesconstruction.com> To: 'Shaolin Tiger' <shaolin@shaolin-tiger.com>, security-basics@securityfocus.com Date: Wed, 30 Oct 2002 08:47:37 -0500
If it is more than one person that needs remote access, you might look into
setting up a Citrix server. Citrix is capable of using SSL encryption.
If it is only one person you could use VNC over a SSH connection, or even a
SSH tunnel to a Win XP box's remote desktop.
Tim Donahue
> -----Original Message-----
> From: Shaolin Tiger [mailto:shaolin@shaolin-tiger.com]
> Sent: Monday, October 28, 2002 2:27 PM
> To: security-basics@securityfocus.com
> Subject: Allowing secure external access.
>
>
> Hi all,
>
> Just a quick query really..I'm pretty new to allowing people
> to come in from outside, I usually spend most of my time
> trying to stop them ;)
>
> I need to allow access to our internal database and
> application to the sales manager who spends all his time outside..
>
> I have an IPCop firewall which I believe has some VPN
> support, but only supports end to end connections, like 1
> IPCop box to another, as far as I can understand from reading
> the docs.
>
> I know in 2k and XP you can choose VPN when creating a new
> connection in network settings and enter a server IP but I
> don't think this would work with the IPCop machine.
>
> The sales guy will be using an XP laptop.
>
> The other option I thought of is having a dedicated machine
> inside using VNC or something and a port forward, but I don't
> think this is very secure.
>
> We do have terminal services on our PDC but it is allready
> overloaded and I wouldn't wish to put this extra burden on
> it...it may just give up.
>
> What other options do I have? Preferably free, or cheap and
> secure to put my mind at rest opening up a hole in the firewall.
>
> Any suggestions appreciated.
>
> Shaolin
>
> .: http://www.security-forums.com :.
>
> Share your knowledge
> It's a way to achieve
> Immortality.
>
>
- Previous message: maillist: "RE: Interesting One"
- Maybe in reply to: Shaolin Tiger: "Allowing secure external access."
- Next in thread: Robert Sieber: "RE: Allowing secure external access."
- Next in thread: jklemenc@fnal.gov: "Re: Client to Client / Peer-to-Peer IPSEC Application ?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
