Firewalls: Re: netscape commerce server using javascript???

Firewalls
(February 1997)

Indexed By Thread: [Previous] [Next]

Subject:	Re: netscape commerce server using javascript???
From:	Benjamin J Stassart <dszd0g @ challenger . atc . fhda . edu>
Date:	Tue, 11 Feb 1997 03:27:12 -0800 (PST)
To:	firewalls @ GreatCircle . COM
In-reply-to:	<199702102031 . MAA12191 @ cvo . roguewave . com>
Reply-to:	Benjamin J Stassart <dszd0g @ challenger . atc . fhda . edu>

On Mon, 10 Feb 1997, Ron Snyder wrote:

> Date: Mon, 10 Feb 1997 12:30:13 -0800
> From: Ron Snyder <snyder @
 roguewave .
 com>
> To: firewalls @
 GreatCircle .
 COM
> Subject: netscape commerce server using javascript???
> 

> I was just getting ready to disable javascript through the firewall
> when he told me this.  Here are my questions:

> 1) Is it _really_, _really_ dumb of Netscape to REQUIRE javascript to 
> admin the server?

Well, I'm not sure that it is _required_ you can always hand edit the
config files and restart the server.  Personally though, the javascript
administration server is much more convenient and I've encountered some
quirks with the first method.

> 
> 2) Is there any way that I can have my cake (disable java*) and eat 
> it too (let him admin the server)?  These are the possibilities I can 
> see:
>    a) tell him to dial in to the web server
>       (modem should be dial-out only, so this is a bad idea)
>    b) Have him use ISDN to establish his admin sessions to the web 
>       server.
>       (What problems does the existence of his desktop ISDN 
>        connection give me?)

These would allow him to hand edit the configuration files but unless you
are going to run a ppp connection off the web server they still do not
allow him to use the admin server.

One alternative you can use if the web server is a UN*X box (There may be
some equivalent under NT but I'm a Un*x person) is to:

1) Install Netscape Navigator on the web server.

2) Allow ssh sessions from a secure workstation inside your network
running an X-server (Well as secure as you can get with X) to the
webserver.

3) ssh -f <webserver> <path to netscape binary>

Since ssh will forward the x over the ssh session you will have an
encrypted connection between your web server and your workstation.

4) Configure your administration server to only allow local connections
(The Netscape Navigator session will be running locally).

Anything I'm overlooking?

Benjamin
      -----------------------------------
Stress-n- The condition or confusion that arises when the brain
overrides the body's desire to choke the hell out of some
idiot who really needs it.

Follow-Ups:

Re: netscape commerce server using javascript???
From: Adam Shostack <adam @ homeport . org>

References:

netscape commerce server using javascript???
From: "Ron Snyder" <snyder @ roguewave . com>

Indexed By Date	Previous:	Re: Packet Filter rules... From: Jerry Mendes <mendes @ garnet . berkeley . edu>
Indexed By Date	Next:	Fire-X Firewall From: Mark Gillett <mgillett @ sghms . ac . uk>
Indexed By Thread	Previous:	netscape commerce server using javascript??? From: "Ron Snyder" <snyder @ roguewave . com>
Indexed By Thread	Next:	Re: netscape commerce server using javascript??? From: Adam Shostack <adam @ homeport . org>