Re: SSH Connecting through Firewall
From: all mail refused (elvis_at_notatla.org.uk)
Date: 01/12/05
- Next message: syd.diamond_at_gmail.com: "ssh & new server: secureCRT can work, but ssh cannot authenticate after six password entries"
- Previous message: all mail refused: "Re: ssh unter cygwin: Problem bei Ausführung aus PHP"
- In reply to: Andrew Schulman: "Re: SSH Connecting through Firewall"
- Next in thread: Darren Tucker: "Re: SSH Connecting through Firewall"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: 12 Jan 2005 19:27:35 GMT
In article <MPG.1c4f3613b5d9f88f9896a4@localhost>, Andrew Schulman wrote:
>> Basically, if you have collusion between
>> parties inside and outside the firewall then unless the firewall is the
>> old-fashioned "air-gap" variety[1] then they can get messages in and
>> out.
>was: Firewalls are incapable of stopping authorized LAN users from
>connecting in or out. Therefore, admins should stop trying, and
>concentrate instead on educating their trusted users about their
>security concerns.
It's worse than that - firewalls are incapable of stopping agents
(human or computer) that cooperate on different sides of the firewall.
Now you need a human-sized microwave oven in a visible place to
give terminal education to disobedient laptop users for instance.
-- Elvis Notargiacomo master AT barefaced DOT cheek http://www.notatla.org.uk/goen/ 7.031: OnACPower returned value( 0x1 ) which is Equal To 0x1
- Next message: syd.diamond_at_gmail.com: "ssh & new server: secureCRT can work, but ssh cannot authenticate after six password entries"
- Previous message: all mail refused: "Re: ssh unter cygwin: Problem bei Ausführung aus PHP"
- In reply to: Andrew Schulman: "Re: SSH Connecting through Firewall"
- Next in thread: Darren Tucker: "Re: SSH Connecting through Firewall"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
