OSEC

Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com
 
Subject: RE: 3rd party access
From: Little, Craig (SSI-SIAP-NP5) (craig.littlessi.co.nz)
Date: Thu Aug 24 2000 - 04:53:22 CDT

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Basic answer - there is NO absolute way of keeping your network
absolutely secure if you start opening it up! All you can do is
protect it as well as you possibly can. There are obvious precautions
you can take though...

*Change the ports used by pcANYWHERE from standard
(HKEY_LOCAL_MACHINE\SOFTWARE\Symantec\pcAnywhere\System)
*Enforce the use of the strongest encryption available during the PCA
session
*Make sure that terminating the PCA session locks the server
*Enforce user id's and passwords - and make sure the passwords are
strong

Craig.

- -----Original Message-----
From: Robin Harvey [mailto:RHarveynorplats.co.za]
Sent: Thursday, 24 August 2000 6:01 p.m.
To: 'firewallsLists.GNAC.NET'
Subject: 3rd party access

Hi,

What is the most secure way of allowing developers access through our
company firewall onto the internal network?

We are thinking of opening a port on the firewall (Gauntlet 5.5 NT)
and
allowing only 2 ip addresses through. The developers will be using
the
latest version of pcanywhere to perform remote work on our SQL
database.

How does this sound? The ports will be open for most of the day and
night.

Input most welcome

Regards
RJH

- -
[To unsubscribe, send mail to majordomolists.gnac.net with
"unsubscribe firewalls" in the body of the message.]

-----BEGIN PGP SIGNATURE-----
Version: PGPfreeware 6.5.3 for non-commercial use <http://www.pgp.com>

iQA/AwUBOaRHVckKSVawnurJEQL1lACgv22rUqJRA8MYjY/VLWYwibbI5VIAnijd
SR6R3JOa96OKx6GaRnqqbDcJ
=tuGC
-----END PGP SIGNATURE-----
-
[To unsubscribe, send mail to majordomolists.gnac.net with
"unsubscribe firewalls" in the body of the message.]