Re: Double hopping
From: Juha Laiho (Juha.Laiho_at_iki.fi)
Date: Tue, 11 Oct 2005 15:02:54 +0000 (UTC)
Adrian Casey <firstname.lastname@example.org> said:
>I'd like to be able to detect and prevent double hopping.
>For example, a user is logged into host-A. From host-A they log into
>host-B. From host-B, they log into host-C. How do I detect this double
>hopping and how can I prevent it?
>The user may use telnet or ssh. I don't want to install a wrapper for
>telnet and ssh nor mess with syslog configuration.
More or less: you don't detect it, and you can't prevent it.
At least not with your requirements.
Could you describe why this situation is a problem? If you see this as
a security problem (people who are located in networks from which they
should not be able to access C, access C through the chain A-B-C), then
the security problem is that the network and system set-ups allow any
sessions to be established from A to B (or B to C, depending on where
the security perimeter is).
--
Wolf a.k.a. Juha Laiho Espoo, Finland
(GC 3.0) GIT d- s+: a C++ ULSH++++$ P++@ L+++ E- W+$@ N++ !K w !O !M V
PS(+) PE Y+ PGP(+) t- 5 !X R !tv b+ !DI D G e+ h---- r+++ y++++
"...cancel my subscription to the resurrection!" (Jim Morrison)