Hi there,
I want the following setup:
Internet
Firewall
Webserver
Firewall
Intranet
What I need, is to be able to logon to the Webserver from the Intranet, using
userid/password on the webserver, and that has to be encrypted in the DMZ, as hackers
easily can sniff from the DMZ (if you disagree then please tell me why).
To logon to the webserver, one could use telnet, but that is not encrypted.
There's one could also use SSH, but all that I know about SSH is that where I worked
before, root used it to gain root-access to all other machines, using the
'.rhosts'-file, without needing to supply a new userid/password to the other machines.
That's pretty bad as well, I think.
Now my question is, is it possible to use SSH and still require supplying
userid/password to the Webserver?
If not, then what would you suggest?
Yours sincerely,
Brian J. Dyrehauge
Newbie IT Security Consultant
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
