OSEC

Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com
 
Subject: Re: MS vs. Unix Remote Access
From: Paul Kreiner (pkreinerCRIADVANTAGE.COM)
Date: Wed May 31 2000 - 09:45:15 CDT

We also use SSH for NT. For a free, (relatively) easy-to-install SSH daemon
for NT, check here:

http://www.webpak.net/~god/Stuff/Tools/sshd_for_winnt/sshd1-v1.0.2.zip, or
the guy's homepage:

http://marvin.criadvantage.com/caspian/Software/SSHD-NT/default.php

_Paul K.

-----Original Message-----
From: Mark Fagan [mailto:mfaganVIRTUECON.COM]
Sent: Tuesday, May 30, 2000 3:58 PM
To: FOCUS-MSSECURITYFOCUS.COM
Subject: Re: MS vs. Unix Remote Access

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Afternoon,

SSh for NT Server can be used in conjunction with Unix Services for
NT.

You can remotely stop/start services, add users, run dos commands in a
shell-type envoirnment.

I will not even begin to explain how I managed to put it all together,
but someone on the list mentioned a commercially available product for
NT that will cover the areas you need.

M

- -----Original Message-----
From: Focus on Microsoft Mailing List
[mailto:FOCUS-MSSECURITYFOCUS.COM]On Behalf Of AnnMarie Clattenburg
Sent: 27 May 2000 03:46
To: FOCUS-MSSECURITYFOCUS.COM
Subject: Re: MS vs. Unix Remote Access

For starting and stopping services remotely from the command line, I
use
sc.exe - I think it's from the NT resource kit. I assume you need
adminstrative permissions to use it, though I've not tested it with a
lower
level account.

AnnMarie C.

- -----Original Message-----
From: Chris Miller [mailto:cmillerELEDGER.COM]
Sent: Thursday, May 25, 2000 8:31 AM
To: FOCUS-MSSECURITYFOCUS.COM
Subject: Re: MS vs. Unix Remote Access

This is purely for starting and stopping services? How secure does
that need
to be? At any rate....the resource kit for NT includes something
called
netsvc - you can stop and start remote services via a command line. I
am not
sure how secure this is, but I am also not so sure how secure the type
of
tool you are describing needs to be. As far as I know, it uses NT
authentication to check credentials for starting and stopping the
services.
If anyone knows exactly how netsvc works (with regards to security),
I'd be
interested in learning the details.

Chris Miller
- -----Original Message-----
From: Focus on Microsoft Mailing List
[mailto:FOCUS-MSSECURITYFOCUS.COM]On
Behalf Of Eric Lecht
Sent: Tuesday, May 23, 2000 2:37 PM
To: FOCUS-MSSECURITYFOCUS.COM
Subject: MS vs. Unix Remote Access

I *know* i've seen this discussion come and go, but our Solaris guru
is once
again pissing and moaning that there are no tools for NT that'll allow
him
to securely establish a command-line shell to an NT server a' la
telnet
across a private yet insecure frame network using something akin to a
virtual console such as *NIX systems offer, and then stop/start
services
that have choked?

He says it can't be done. I realize this may have been addressed
before on
this forum, but I *cannot* come up with anything to refute him. I'm
not
trying to proponent of one OS over the other here...but when someone
tells
me something can't be done, i'm always suspicious....esp. when the
source is
less-than-accomodating when it comes to MS products, however right he
may or
may not be...

Like many state governments, we run a point-to-point frame network;
Lots of
state agencies are linked back across the network to our core, so the
connections *must* be secure, from workstation to server.

So...what do other sysadmins use who must, oh, say, securely connect
to a
remote NT box across a private, yet in fact insecure, frame network to
a
machine running a firewall, and stop/start services? Preference is
command-line shell.
Or is he right, and in fact can't be done? PCAnywhere is not an
option....=>8 P.

Eric Lecht

-----BEGIN PGP SIGNATURE-----
Version: PGPfreeware 6.0.2i

iQA/AwUBOTQ5Zitkth82ZyYIEQIqswCfSP6J5bEYVRLsihukYif1QSqWefwAoLgO
376VGsJBinMhMr8PgKy6hN2P
=1AKP
-----END PGP SIGNATURE-----