Hi,

a combination I think is very nice is OpenSSH (there is a free NT Version
here: http://www.networksimplicity.com) in combination with VNC or any
other remote tool. For OpenSSH on NT uses NT accounts, you can set-up a
policy that will lock the account used after x false logins making it
quite secure. If your Remote Control then uses a second authentication
different from the SSH one you should be fine given that you use a very
low-priviledged account for SSH. Just another hint, you can set OpenSSH to
listen on a different port than 22 so that it is more difficult to be
recognised by Port-Scans.

Kind regards,

Jens Mickerts

Matt LYNCH <MLynchimb.com.au>
19.11.2001 23:17

 
        An: security-basicssecurityfocus.com, focus-mssecurityfocus.com
        Kopie:
        Thema: Remote Admin of DMZ

I have been given the task of administering a web server contained within
a
DMZ. I am OK with the admin side of things but would prefer for time
reasons
to be able to remotely administer this machine. I have always used
PCAnywhere, VNC and the MMC. But I now cannot use these due to the
security
risk. Does anyone else remote admin inside a DMZ and if so how??

All machine are NT 4.0, I use a W2K desktop. (Free would be nice, but I am
also interested if there are commercial solutions available).

Thanks in advance

Matt

• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]