Great Circle Associates Firewalls
(July 1996)
 


Subject: trusting the firewall
From: lists @ lina . inka . de (Bernd Eckenfels)
Date: Wed, 24 Jul 1996 11:34:40 +0200 (MET DST)
To: firewalls @ GreatCircle . COM
Reply-to: ecki @ lina . inka . de

Hello,

on our firewall we want to accept any incoming telnet connection (to an
internal host) and do some authentication (based on S/KEY or any other
'secure' way). This is done by a transparent telnet proxy (just like TIS
Gauntlet is doing, I think). The problem is that after the connection is
authenticated we can do different connections to the inside:

[externA]------->[firewall]--->[router]--->[intern]
telnet e->i        e->i                   on the internal host connections
                                          seem to come from the outside.

telnet e->i        f->i                   on the internal host connections
                                          seem to come from the firewall.

telnet e->f        f->i                   after specifying a host, the
                                          connection comes from the firewall
 
The problem with this is that the internal host always asks for an additional
username and password, AND authenticated user A on the firewall can still
log in as user B on the internal host. One solution would be to start an
rlogin or ssh connection from the firewall to the internal host. The
advantage of this solution is that you have the secure authorization of the
firewall available at the internal host for external connections; the
biggest disadvantage of this is that the internal host has to trust the
username the firewall delivers.

Are there any solutions for this problem? One way would be to use an
authentication server. The firewall authenticates the user against the
authentication server and passes the ticket from the server to the
internal host. The internal host asks the authentication server to validate
the ticket. The problem with this approach is that the login of the
internal host needs to be changed (or ssh needs to run a login replacement,
which is rather easy). The advantage is that anyone on the firewall who
wants to log into an internal host needs to present a valid authentication
to the authentication server and is unable to spoof users.

I am sure the solution with the authentication server is the most secure,
but I really would prefer to have a self-contained firewall (which means
there has to be some trust and even user-authorization data on the firewall).
The system should be for small business, not high-grade military security. Am I
missing a solution?

Greetings
Bernd
-- 
  (OO)      -- Bernd_Eckenfels@Wittumstrasse13.76646Bruchsal.de --
 ( .. )  ecki@lina.{inka.de,ka.sub.org}  http://home.pages.de/~eckes/
  o--o     *plush*  2048/A2C51749  eckes@irc  +4972573817  *plush*
(O____O)       If privacy is outlawed only Outlaws have privacy
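The authentication-server variant described in the post (the firewall obtains a ticket for the user it has authenticated, and the internal host hands that ticket back to the server for validation before letting the login proceed) as an added Python sketch; this is not code from the original post or from any product it mentions. The ticket layout, the HMAC key held only by the server, and the nonce-based replay check are assumptions of the example.

```python
import hashlib
import hmac
import secrets
import time


class AuthServer:
    """Constructed demo: issues a ticket once the firewall has authenticated a
    user, and validates tickets on request from an internal host. Only the
    server holds the key, so neither the firewall nor the user can forge one."""

    def __init__(self, key: bytes, ttl: int = 60):
        self._key = key        # assumption: provisioned out of band
        self._ttl = ttl        # ticket lifetime in seconds
        self._used = set()     # nonces already redeemed (one login per ticket)

    def _tag(self, body: str) -> str:
        return hmac.new(self._key, body.encode(), hashlib.sha256).hexdigest()

    def issue(self, user: str, target: str, now=None) -> str:
        """Called by the firewall after S/KEY (or similar) succeeded for `user`.
        The ticket is bound to the user and to the internal host it is for."""
        exp = int(now if now is not None else time.time()) + self._ttl
        body = f"{user}|{target}|{exp}|{secrets.token_hex(8)}"
        return f"{body}|{self._tag(body)}"

    def validate(self, ticket: str, claimed_user: str, host: str, now=None) -> bool:
        """Called by the internal host's login replacement. Returns True only if
        the ticket is genuine, names this user and this host, is unexpired,
        and has not been redeemed before."""
        try:
            user, target, exp, nonce, tag = ticket.split("|")
        except ValueError:
            return False
        if not hmac.compare_digest(tag, self._tag(f"{user}|{target}|{exp}|{nonce}")):
            return False       # forged or modified ticket
        if user != claimed_user or target != host:
            return False       # user A cannot redeem A's ticket as user B, or elsewhere
        if (now if now is not None else time.time()) > int(exp):
            return False       # expired
        if nonce in self._used:
            return False       # replayed
        self._used.add(nonce)
        return True
```

The point the post raises is covered by the `user != claimed_user` check: the internal host never trusts a username relayed by the firewall, only the one the server bound into the ticket.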

