Hi Arie,
Just the risk that anybody from your internal network could SSH
directly to the box, and if they know (or guess) a username and password,
they could logon. A better solution would be put define a group of hosts
for the machines that need to get to the firewall and add a rule which only
allows access from that group to the firewall (source=SSH group,
dest=firewall). The less hosts you allow access directly to the firewall,
the more secure it is.
Thanks,
Abe
Abe L. Getchell - Security Engineer
Division of System Support Services
Kentucky Department of Education
Voice 502-564-2020x225
E-mail [EMAIL PROTECTED]
Web http://www.kde.state.ky.us/
> -----Original Message-----
> From: Arie Gilboa [mailto:[EMAIL PROTECTED]]
> Sent: Thursday, December 21, 2000 9:21 AM
> To: [EMAIL PROTECTED]
> Subject: [FW1] SSH Connection
>
>
>
> Is there any security risks to allow SSH Connection from my
> Internal network
> to external Server ?.
>
> Thanks,
> Arie Gilboa
>
>
>
>
> ==============================================================
> ==================
> To unsubscribe from this mailing list, please see the
> instructions at
> http://www.checkpoint.com/services/mailing.html
> ==============================================================
> ==================
>
================================================================================
To unsubscribe from this mailing list, please see the instructions at
http://www.checkpoint.com/services/mailing.html
================================================================================
