what is wrong with hardening the box ( there is open source software for that ) and then running only services that are needed to be run on the box ?? i got a server runing VNC and i administer it remotely ..it only has the services it needs to run !!
-----Original Message----- From: Clay Dillard [mailto:[EMAIL PROTECTED]] Sent: Tuesday, November 20, 2001 6:11 AM To: Matt LYNCH; [EMAIL PROTECTED]; [EMAIL PROTECTED] Subject: Re: Remote Admin of DMZ Matt, You are right to be cautious about remotely administering the machines in your DMZ. Have you considered connecting to your internal network using VPN? I'm not aware of any free VPN servers (exept that OpenBSD has P2P VPN abilities) but that would be a good way to protect your communications and it can be used by others for remote access. I would not use any of the products you have listed below. If the www server is a unix box you 'could' use SSH but still not as safe as VPN. Clay Dillard Sr. Partner, Information Security SecureSpeed Information Systems --------------------------------------------------------------------- www.securespeed.cc --------------------------------------------------------------------- ----- Original Message ----- From: "Matt LYNCH" <[EMAIL PROTECTED]> To: <[EMAIL PROTECTED]>; <[EMAIL PROTECTED]> Sent: Monday, November 19, 2001 5:17 PM Subject: Remote Admin of DMZ > I have been given the task of administering a web server contained within a > DMZ. I am OK with the admin side of things but would prefer for time reasons > to be able to remotely administer this machine. I have always used > PCAnywhere, VNC and the MMC. But I now cannot use these due to the security > risk. Does anyone else remote admin inside a DMZ and if so how?? > > All machine are NT 4.0, I use a W2K desktop. (Free would be nice, but I am > also interested if there are commercial solutions available). > > Thanks in advance > > Matt >
