Firewall Wizards mailing list archives
Secure remote access.
From: "Jan B. Koum " <jkb () best com>
Date: Tue, 15 Dec 1998 15:02:04 -0800
Hello all, I know this is not directly firewalls connected, but I feel this in one way or another relates to firewalls since a lot of places install firewalls and still allow some sort of other remote access via dial-in or etc. Hence the question: how paranoid are those of you who are faced with doing remote access type stuff? I mean - ideally you could just say "no remote access". Why? Because you can do much better control of the packets inside your network and hardware inside your organization (ok, for now we are not going to talk about crackers dresses as janitors getting inside your building at 10pm). I might have hard time expressing this, but notion of the computer, which at one point was connected to the big bad internet and now has something like Back Orifice running is now connected to your dial up will not make anyone concerned with security sleep better. This is where l^Huser education comes in - but how effective is it in real life? I guess what all my mumbling boils down to: what are people doing to make sure people who access their network remotely (say, dial up for now), have same protection as if they are sitting in their cube inside security perimeter. Firewalls? But when they disconnect and then dial into their ISP and do something stupid, there are no firewalls to protect them. Give people some type of tamper proof device which will allow dial-in into your network only? Am I just been overly paranoid? -- Yan
Current thread:
- Secure remote access. Jan B. Koum (Dec 18)