Curious to know how FW-1 handles TCP/IP connections with systems that
MUX terminal (tty) devices, specifically an Equinox system with ELG
network cards? Is FW-1 inspection granular enough to control and/or log
specific tty devices as they log in for telnet sessions when they are
connected via the ELG card (which has a singular IP address)?
Scenario: (server--> net connection--> ELG nic--> Equinox MUX--> tty
terminals)
The desire really is for the firewall to log individual tty device
access attempts with its server coming through the network (ELG card).
This is along with normal firewall security for other connections to the
server. Not sure if the desire is to necessarily prevent access down to
individual terminals via the firewall. Equinox may be able to handle
this on its own. Consolidation of logging is more key.
(I'm guessing) the ELG's IP address is combined with port
numbers/sockets/device-number to track (MUXing) the individual tty
terminal conversations through the network with the server. If the
assignment of the tracking value for each new tty telnet connection is
arbitrary or random, the game might be over. If it is based upon some
consistent value with a given terminal maybe it could be detected and
logged? A consistent port number for each terminal would do it.
Any thoughts would be appreciated.
Roger