Re: Double hopping
From: Juha Laiho (Juha.Laiho_at_iki.fi)
Date: 10/11/05
- Previous message: Volker Birk: "Re: Double hopping"
- In reply to: Adrian Casey: "Double hopping"
- Next in thread: Adrian Casey: "Re: Double hopping"
- Reply: Adrian Casey: "Re: Double hopping"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Tue, 11 Oct 2005 15:02:54 +0000 (UTC)
Adrian Casey <news@agcasey.com> said:
>I'd like to be able to detect and prevent double hopping.
>
>For example, a user is logged into host-A. From host-A they log into
>host-B. From host-B, they log into host-C. How do I detect this double
>hopping and how can I prevent it?
>
>The user may use telnet or ssh. I don't want to install a wrapper for
>telnet and ssh nor mess with syslog configuration.
More or less: you don't detect it, and you can't prevent it.
At least not with your requirements.
Could you describe why this situation is a problem? If you see this as
a security problem (people who are located in networks form which they
should not be able to access C, access C through the chain A-B-C), then
the security problem is that the network and system set-ups allow any
sessions to be established from A to B (or B to C, depending on where
the security perimeter is).
--
Wolf a.k.a. Juha Laiho Espoo, Finland
(GC 3.0) GIT d- s+: a C++ ULSH++++$ P++@ L+++ E- W+$@ N++ !K w !O !M V
PS(+) PE Y+ PGP(+) t- 5 !X R !tv b+ !DI D G e+ h---- r+++ y++++
"...cancel my subscription to the resurrection!" (Jim Morrison)
- Previous message: Volker Birk: "Re: Double hopping"
- In reply to: Adrian Casey: "Double hopping"
- Next in thread: Adrian Casey: "Re: Double hopping"
- Reply: Adrian Casey: "Re: Double hopping"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
