Security Basics mailing list archives
Re: Telnet vs PcAnywhere
From: "Ron and Lisa Mehring" <rmehring () havelocknc net>
Date: Mon, 10 Mar 2003 19:25:42 -0500
Tony, Some of this may be off subject but I feel the need to mention. (Sorry to all) 1. I would not allow them (vendors) in without a specific MOA. Define the specific requirement(s) for access and then some. Justification is a necessity. Set the boundaries. Considering your health care signature I would ensure that attention to detail is managed on this subject. Ensure the risk you are assuming is appropriate for the access requirement your vendors require. Boy, is it easy for those contracts to fly through without all departmental perspectives being applied (Security, Systems. Financial. managerial ect...) 2. I would ensure by name access is allowed in and those personnel with access sign agreements. Using a PKI would be beneficial. 3. The remote technical aspects are somewhat moot if reliable session encryption\algorithm is used and the source and endpoint can be trusted. This technical issue could probably worked into an acceptable risk level dependent of course on your business and sensitivity of information. I would prefer SSH be used if it fits application wise. I am not an expert on PC anywhere so I cannot comment on it in depth. My experience with PC anywhere has been through dial in access. I am totally against it if used\utilized by an untrusted source via dial-in. To many ways for this access to go unchecked in most environments. Summary: I am one to not allow vendors (typically untrusted) remote access to anything. Be wary, look as those contracts and understand the "true" requirement. Some little tidbits that I hope help. Take Care Ron Mehring Information Assurance Specialist ----- Original Message ----- From: "Tony Lindsey" <tonylindseyt () excite com> To: <security-basics () securityfocus com> Sent: Thursday, March 06, 2003 10:18 PM Subject: Telnet vs PcAnywhere
Folks, What is the difference in security protection/features between granting an
outside vendor VPN access using TELNET versus using PCANYWHERE? Some of our vendors need vpn access to their servers inside our network..and I have seen the firewall rules set up both ways.
In my discussions with the firewall administrators, security people,
network engineers, server administrators, etc...it seems as though the people are using telnet and pcAnywhere interchangeably. I was always under the impression that telnet was more restrictive.
Tony Lindsey Audit and Risk Management Group Managed Medical Services LLP U.S. Division _______________________________________________ Join Excite! - http://www.excite.com The most personalized portal on the Web!
Current thread:
- Telnet vs PcAnywhere Tony Lindsey (Mar 07)
- Re: Telnet vs PcAnywhere Igor D. Spivak (Mar 07)
- Re: Telnet vs PcAnywhere Andreas Happe (Mar 08)
- Re: Telnet vs PcAnywhere Chris Travers (Mar 10)
- Re: Telnet vs PcAnywhere a.berreby (Mar 10)
- Re: Telnet vs PcAnywhere Sean Knox (Mar 07)
- Re: Telnet vs PcAnywhere John O'Connor (Mar 07)
- Re: Telnet vs PcAnywhere David M. Fetter (Mar 08)
- Re: Telnet vs PcAnywhere Chris Travers (Mar 10)
- Re: Telnet vs PcAnywhere Ron and Lisa Mehring (Mar 11)
- Re: Telnet vs PcAnywhere Charley Hamilton (Mar 11)
- <Possible follow-ups>
- RE: Telnet vs PcAnywhere Depp, Dennis M. (Mar 07)
- RE: Telnet vs PcAnywhere Michael Parker (Mar 10)
- Re: Telnet vs PcAnywhere Igor D. Spivak (Mar 07)