Firewall Wizards mailing list archives
Digital DSNlink Service secure?
From: "Barnes, Jay" <JBarnes () limited com>
Date: Wed, 20 Jan 1999 14:17:05 -0500
[long time lurker, first time poster :) ] Anyone know of any vulnerabilities in Digital's DSNlink Service? (http://www.service.digital.com/dsnlink/V22_vms_std.htm) The usual searches didn't turn up much so I thought I'd ask here. Part of it's functionality requires configuring the firewall (Cisco PIX) to allow an inbound connection to a specific tcp port. I can nail up a static translation address on the PIX for the Alpha Cluster and set a rule to only allow the inbound connection if it's from a specific source address. I know that's not totally secure (spoofing, man-in-the-middle, etc.) but we would still be protected from the usual port scans. The simple network layout is: [Alpha Cluster]--[private network]--[firewall]--[public internet]--[host.digital.com] The Alpha is running OpenVMS 7.1-1H1 and I'm not sure about the client-side DSNlink software. (I'm still fishing for information from the sysadmins and Digital) I think I'm aware of the pitfalls of configuring the firewall for this, but aside from that I'm wondering if anyone has any information about this specific application. Or maybe you could take a look at the link above and tell me if anything leaps out at you. TIA, Jay Barnes SeƱor Network Analyst / EOC Network Services The Limited Inc. Three Limited Pkwy Columbus, Ohio 43230 614-415-7777 jbarnes () limited com
Current thread:
- Digital DSNlink Service secure? Barnes, Jay (Jan 21)