Don't do it!!!
You risk having that system and the remote net being hacked. One idea would be to try network and port scans back and forth to eliminate the need for such a drastic measure. Have the partner alter their config to allow pptp and try connecting with dial-up networking's vpn options. I cannot urge you enough to avoid such a risk. I have seen similar events cost peoples jobs in a matter of an hour or two, especially if both ends are unaware of the potential hazards... If you can elaborate on the "problem", there are many here (the users group) that can assist in resolving the underlying issues! One thing would be to verify that routing is properly configured for the 2 ip classes. Danny H. Cox -----Original Message----- From: David Kraut [mailto:[EMAIL PROTECTED]] Sent: Thursday, August 15, 2002 1:23 PM To: 'Chris Green'; Cox, Danny H.; [EMAIL PROTECTED] Subject: RE: [gb-users] Outbound Filter? I should clarify that I only want to do this for a test.... This will be a temporary "opening" so that we can troubleshoot a problem connecting to a partners network via a proprietary VPN client. Thanks! David -----Original Message----- From: Chris Green [mailto:[EMAIL PROTECTED]] Sent: Thursday, August 15, 2002 4:12 PM To: Cox, Danny H.; [EMAIL PROTECTED] Subject: RE: [gb-users] Outbound Filter? You missed the point completely. They want all inbound/outbound traffic to pass freely to the box. This is no different than plugging in direct. It was sarcasm for the most part. Chris Green -----Original Message----- From: Cox, Danny H. [mailto:[EMAIL PROTECTED]] Sent: Thursday, August 15, 2002 3:09 PM To: Chris Green; [EMAIL PROTECTED] Subject: RE: [gb-users] Outbound Filter? That is suicide. What person would be foolish enough to connect direct? On a Windows system you are guaranteed a hack & slash job in a matter of hours if not minutes. I have worked with hardening Windows systems for some time (about 7 years) and I would rarely consider such a senseless act. Unless they want to poke around the net and try their own hacking skills, I see little benefit and lots of risk. Danny H. Cox -----Original Message----- From: Chris Green [mailto:[EMAIL PROTECTED]] Sent: Thursday, August 15, 2002 12:45 PM To: [EMAIL PROTECTED] Subject: RE: [gb-users] Outbound Filter? Remove the firewall and plug them directly into the internet -----Original Message----- From: David Kraut [mailto:[EMAIL PROTECTED]] Sent: Thursday, August 15, 2002 2:39 PM To: '[EMAIL PROTECTED]' Subject: [gb-users] Outbound Filter? What is the best way to give a single internal client (IP) full unfiltered access to/from the Internet? David --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] To subscribe to the digest version first unsubscribe, then e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] Archive of the last 1000 messages: http://www.mail-archive.com/[email protected] --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] To subscribe to the digest version first unsubscribe, then e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] Archive of the last 1000 messages: http://www.mail-archive.com/[email protected]
