Great Circle Associates Firewalls
(February 1997) 		 
Indexed By Date: [Previous] [Next] Indexed By Thread: [Previous] [Next]
Subject: PIX / Gauntlet blocking Telnet
From: SKLAVON @ MAIL . STATE . WI . US
Date: Fri, 28 Feb 1997 15:53:37 -0600
To: "firewalls(a)greatcircle.com" <firewalls @ greatcircle . com>
X400-content-type: P2-1988 (22)
X400-mts-identifier: [/PRMD=WISTGOV/ADMD=ATTMAIL/C=US/;0003800003041295000004]
X400-originator: SKLAVON @ MAIL . STATE . WI . US
X400-recipients: firewalls @ greatcircle . com 

We have two ICS systems, (internal control system), one is located in our
vendor's location, one within our offices. The vendor wrote the software.
Both crunch the same data and are cross-checked multiple times per day to
by us and an independent auditor to verify that no tampering has taken
place. Both systems receive data from the same 3 hosts via telnet. How
can we prevent the vendor or others from telneting into the host, and
from there into our ICS? We have PIX and Gauntlet available to us. As the
application is custom, no proxy will be available. Can a telnet session
from the host be distinguished from a telnet session originating
elsewhere and coming through a trusted host?

sklavon @
 mail .
 state .
 wi .
 us
Indexed By Date Previous: Firewall software
From: Jester <mother @ eagle . cc . ukans . edu>
Next: Re: allowing RIP or ICMP to the firewall.
From: Todd Graham Lewis <lists @ reflections . mindspring . com>
Indexed By Thread Previous: Firewall software
From: Jester <mother @ eagle . cc . ukans . edu>
Next: perfect OS for firewalls
From: Pavel Galynin <pgalynin @ chipnet . cz>
Google
 
Search Internet Search www.greatcircle.com