1. Strong user authentication. (I still prefer personal hand-held
authentication tokens, sans smartcards and readers.)
2. Ssh or a VPN.
3. Access controls that isolate, as one or several groups, the servers which
need remote diagnostic access, thru Authentication Agents on those servers.
Suerte,
_Vin
At 10:53 AM 7/6/99 +0200, [EMAIL PROTECTED] wrote:
>Hello,
>
>has anyone a suggestion how I can handle remote diagnostic access to
>servers in our LAN. My first thought was to put the server which need
>remote diagnostic access in the DMZ. But in this case I have to put all
>my servers in the DMZ sooner or later. The remote diagnostic user
>shouldn't get any access to other servers on the LAN. Yes I know I
>asking for something impossible. But, if anyone has a solution please
>let me know. Thanks in advance.
>
>Peter Ruegamer
>Network Administrator
>MTU Friedrichshafen
>-
>[To unsubscribe, send mail to [EMAIL PROTECTED] with
>"unsubscribe firewalls" in the body of the message.]
>
>
--------
"Cryptography is like literacy in the Dark Ages. Infinitely potent,
for good and ill... yet basically an intellectual construct, an idea,
which by its nature will resist efforts to restrict it to bureaucrats
and others who deem only themselves worthy of such Privilege."
_A Thinking Man's Creed for Crypto _vbm
* Vin McLellan + The Privacy Guild + <[EMAIL PROTECTED]> *
53 Nichols St., Chelsea, MA 02150 USA <617> 884-5548
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
