× The internal search function is temporarily non-functional. The current search engine is no longer viable and we are researching alternatives.
As a stop gap measure, we are using Google's custom search engine service.
If you know of an easy to use, open source, search engine ... please contact support@midrange.com.



Interesting idea Gary. So what you are saying is that let's say you have
SystemX, SystemY, SystemZ. And your concern is that a user on SystemX can
get to SystemY and use that to initiate nasties on SystemZ. Others, like
Scott and I, are arguing that you should be hardening SystemZ to stop
attacks on it. Maybe your concern is that perhaps SystemZ was hardened.
Perhaps they have a strong exit point on it to only accept remote commands
from the IP address associated with SystemY. Your argument is that you
should then secure SystemY's use of remote commands so that they aren't
used to leap frog into SystemZ. Am I right so far? Do I get credit for
trying to understand your angle? I suppose one could go on that the full
litany of commands that could be executed from there should be secured.
Including, but not limited to: TELNET, FTP and a host of api's and pase
and qsHell applications available to attack SystemZ from SystemY. Then
there's the defense in depth strategy. Not only do you secure access
using certain techniques to SystemZ from only being initiated from
SystemY, but you also secure them to only being allowed from certain
individuals. For example user SAM can only run a remote command from
SystemY.

I think Chuck was referring to the "full litany".

gotta go.


Rob Berendt

As an Amazon Associate we earn from qualifying purchases.

This thread ...

Follow-Ups:
Replies:

Follow On AppleNews
Return to Archive home page | Return to MIDRANGE.COM home page

This mailing list archive is Copyright 1997-2024 by midrange.com and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available on our policy page. If you have questions about this, please contact [javascript protected email address].

Operating expenses for this site are earned using the Amazon Associate program and Google Adsense.