On Mon, Aug 27, 2001 at 05:47:11PM -0400, Charlie Brady <[EMAIL PROTECTED]> wrote:
>
> On Mon, 27 Aug 2001, Justin Funke wrote:
> > [...]
> > This would still open up the servers to brute force attacks from the
> > Internet. If it is going to be able to be "enabled" on the public side as a
> > feature, I would hope for it to be shipped as "disabled" by default.
>
> More than just the default, we don't include any support for changing the
> default.
>
> I'm sure that it won't take you folks long to work out a tweak to allow
> external access, or, better, external access from a limited range of
> addresses.
> [...]
And to save everyone hunting around:
/sbin/e-smith/db configuration setprop httpd-admin ValidFrom a.b.c.d
/sbin/e-smith/events/actions/conf-httpd-admin
/sbin/e-smith/events/actions/reload-httpd-admin
[ or /sbin/e-smith/signal-event console-save ]
A few notes:
- HTTPS access to the manager and password panel are available from
all configured local networks. Extra external IPs and/or networks/masks,
can be added through the ValidFrom property.
- External HTTP access is _never_ allowed.
- There is no manager option to set the ValidFrom property at this stage.
- No special port numbers are required
https://{servername}/server-manager (and e-smith-manager)
https://{servername}/user-password (and e-smith-password)
- The "ValidFrom" property affects both the password panel and the manager.
As has been raised here, it would be good to have two properties, but that
isn't in 5.0
Gordon
--
Gordon Rowell [EMAIL PROTECTED]
VP Engineering
Network Server Solutions Group http://www.e-smith.com
Mitel Networks Corporation http://www.mitel.com
--
Please report bugs to [EMAIL PROTECTED]
Please mail [EMAIL PROTECTED] (only) to discuss security issues
Support for registered customers and partners to [EMAIL PROTECTED]
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
Archives by mail and http://www.mail-archive.com/devinfo%40lists.e-smith.org
