Firewall Wizards mailing list archives

Re: Exposed serial connection

From: John Adams <jna-dated-1032604310.732402 () retina net>
Date: Mon, 16 Sep 2002 03:31:48 -0700 (PDT)

On 16 Sep 2002, Jonas Anden wrote:

- Encrypting the IP connection (Preferably SSL)
- Provide for authentication (Preferably outside the protocol sphere,
like SSL client certificates).
- Convert the data received on the IP end and send it out on the serial
line, and vice versa.


I'd think a Linux box running ssh and a captive shell (i.e. ssh to a
restricted rsh, chroot'ed session) would be low-cost and ideal for this 
situation. You can handle all of your authentication issues and such using 
SSL and any additional features can be readily programmed in. Just find a 
PC around the office that noone's using anymore (even a 286 will do for 
this job!) and put it into service. 

There are also many applications that can directly couple an inbound 
session to a serial port that you may want to look into. 

It's simply not worth spending money on proprietary hardware to solve this
problem.

--john

_______________________________________________
firewall-wizards mailing list
firewall-wizards () honor icsalabs com
http://honor.icsalabs.com/mailman/listinfo/firewall-wizards

Current thread:

Exposed serial connection Jonas Anden (Sep 16)
- Re: Exposed serial connection Paul D. Robertson (Sep 16)
- Re: Exposed serial connection John Adams (Sep 16)
  - Re: Exposed serial connection Jonas Anden (Sep 16)
  - Re: Exposed serial connection m p (Sep 16)
    - Re: Exposed serial connection John Adams (Sep 16)
- Re: Exposed serial connection Delafontaine André (Sep 17)
- <Possible follow-ups>
- RE: Exposed serial connection Dawes, Rogan (ZA - Johannesburg) (Sep 16)