RE: Blocking Access to Non-domain computers

From: Steven A. Fletcher (sfletcher_at_integrityts.com)
Date: 08/25/04

  • Next message: Ajay: "key storage" 
    Date: Wed, 25 Aug 2004 15:46:36 -0500
To: "Raoul Armfield" <armfield@amnh.org>, <security-basics@securityfocus.com>

    Certainly! There are a number of products that will do such a thing.
    Microsoft has had such things for a while now, even going back to the NT
    4 days. On NT, they had MS Proxy which has now become Microsoft
    Internet Security and Acceleration (ISA) Server. There are other
    products, too, but that is one example.

    Steve
     

    -----Original Message-----
    From: Raoul Armfield [mailto:armfield@amnh.org]
    Sent: Wednesday, August 25, 2004 3:39 PM
    To: Steven A. Fletcher; 'Andreas'; security-basics@securityfocus.com
    Subject: RE: Blocking Access to Non-domain computers

    :-----Original Message-----
    :From: Steven A. Fletcher [mailto:sfletcher@integrityts.com]
    :Sent: Wednesday, August 25, 2004 12:54 AM
    :To: Andreas; security-basics@securityfocus.com
    :Subject: RE: Blocking Access to Non-domain computers
    :
    :That is the only option I can think of. If you think about it, how
    :could you keep non-domain computers from getting an IP address? As far
    :as I know, there is no provision in DHCP for such control. For the
    :system to determine whether or not to give the machine an address, the
    :machine would need to be able to communicate with the domain
    :controllers, which would require an IP address for the communication to
    :be able to happen.
    :

    I am a newbie so go easy on me. But should it not be possible to setup
    some type of proxy server that relies on domain authentication to allow
    access to the internet?

    Raoul

    ---------------------------------------------------------------------------
    Computer Forensics Training at the InfoSec Institute. All of our class sizes
    are guaranteed to be 12 students or less to facilitate one-on-one
    interaction with one of our expert instructors. Gain the in-demand skills of
    a certified computer examiner, learn to recover trace data left behind by
    fraud, theft, and cybercrime perpetrators. Discover the source of computer
    crime and abuse so that it never happens again.

    http://www.infosecinstitute.com/courses/computer_forensics_training.html
    ----------------------------------------------------------------------------

  • Next message: Ajay: "key storage"