|
Hi,
I am looking for ways giving secure access to host
enviroment from Internet. My question:
There are some products on the market which
gives secure telnet access(!) from Internet. These products can talk directly to
Host/Mvs TCP/IP stack or SNA servers (which means Internet -> DmzSNAserver
-> Host(via sna)).
**Would you give Internet access to your host
environment from Internet via SSL opening some ports? (In this configuration,
your host environment has a legal IP adress.)
There are other issues,
*like adding another interface
to mainframe for DMZ configurations(?),
*translating Internal Host
address to legal address
*putting another Firewall in
front of mainframe .(Well, mainframe backbone connections are complex
including multi connections and types- token ring, ATM etc. So, my other
question is: How can you put a firewall in front of mainframe without affecting
performance and changing your networking environment ? )
* Well, as we know
there can be exploits and security problems with TCP/IP stacks. Are there
any with mainframe TCP/IP stacks ? (IBM, Tcpconnect etc.) If yes, what is the
effect of this exploit? (Like Unix root or sendmail exploit, can
you gain access to the machine ?)
Thanks.
Ihsan Cakmakli
YKT
|
