Firewall Wizards mailing list archives
Re: pcanywhere
From: "Joe Ippolito" <joe () joesnet com>
Date: Thu, 14 Oct 1999 12:31:25 -0700
My take on it: Do not allow remote control applications run through your firewall. Once they are in they are in and you might as well not have a firewall. If they cannot administer their NT server with the administration utilities that MS provides through a VPN or secure RAS connection then they should fix their server. If the server has a non-routable address (e.g. 10.x) and they first establish a secure VPN connection to your firewall, then and only then, you may want to consider a remote control application. You get to decide what level of proof they will need to provide that absolutely nothing else will work. ----- Original Message ----- From: Joseph S D Yao <jsdy () cospo osis gov> To: <shad0wlight () pop softhome net> Cc: <firewall-wizards () nfr net> Sent: Tuesday, October 12, 1999 12:03 PM Subject: Re: pcanywhere
What is the opinion of the list about allowing pcanywhere across a vpn connection to control some NT systems. I am not comfortable, but getting a lot of pressure in allowing that through the firewall. Thanks In Advance. - DeepakIf it were through a firewall, I would exhort you to resist the pressure. However, within the VPN - IF it's a properly designed VPN, and IF you trust most of the people inside, then there should not be much of a difference between that and a LAN. Not sure I'd run it on a LAN, either. -- Joe Yao jsdy () cospo osis gov - Joseph S. D. Yao COSPO/OSIS Computer Support EMT-B ----------------------------------------------------------------------- PLEASE ... send or Cc: all "COSPO/OSIS Computer Support" mail to sys-adm () cospo osis gov ----------------------------------------------------------------------- This message is not an official statement of COSPO policies.
Current thread:
- pcanywhere Deepak Vaidya (Oct 12)
- Re: pcanywhere Jeff Sedayao (Oct 12)
- Re: pcanywhere Joseph S D Yao (Oct 13)
- Re: pcanywhere Joe Ippolito (Oct 16)
- Re: pcanywhere Andrzej Blaszczyk (Oct 13)
- Re: pcanywhere Ceirst N. Kaelton (Oct 16)
- <Possible follow-ups>
- RE: pcanywhere Desai, Ashish (Oct 13)
- RE: pcanywhere Henry Sieff (Oct 13)
- Re: pcanywhere Garrahan, Kelvin (Oct 19)
- RE: pcanywhere FERNANDO_MONTENEGRO (Oct 20)
- Re: pcanywhere dwelch (Oct 23)