At 08:35 AM 3/25/99 -0800, Jurgen Botz wrote:
>Yes, I could demand that all my remote users be running NT4.0SP4 with
>some additional security patches and have all their services turned
>off (or better still, Linux or *BSD configured by my network
>engineers), but how am I going to enforce this?  Simply put it's
>administratively impossible... the machines of the remote users are
>beyond my control and must be assumed to be completely insecure.
>
>The approach I'm hoping to take (for lack of a better alternative) is
>to give people IPSec access but to try to ensure that at any time that
>they are tunneling into our network their machine is not reachable by
>any means /except/ through the tunnel.  Establishing the tunnel will
>require authentication with a hardware token (this is what we're
>currently doing for Ssh, too... I've learned the hard way that I can't
>trust people to use strong passphrases even after practically pleading
>with them to do so).  The result will be that at least their machine
>can't become an outright gateway into our network, although it might
>still be used as a springboard by an attacker aware of the mechanisms.
>Compromises, compromises.

It's no worse than allowing laptop telecommuters (with possibly compromised
systems) dial-in, as is now the common practice.

--Steve

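The quoted plan, "while the tunnel is up the machine is not reachable by any means except through the tunnel", is really a host firewall policy. The script below is an added example, written for this page and not taken from the thread or from either poster; it shows the exposed configuration next to a locked-down one on a Linux client using iptables with the xt_policy match. Everything specific in it is an assumption: the gateway address 203.0.113.1, the corporate prefix 10.0.0.0/8, and the function names. The functions only print the rules, so the script can be inspected before being fed to sh as root.

```shell
#!/bin/sh
# Added example, not part of the original mailing-list thread.
# Assumptions (hypothetical): VPN gateway 203.0.113.1, corporate network
# 10.0.0.0/8, Linux iptables with conntrack and the policy (xt_policy) match.
# Nothing here touches the kernel; the build_* functions print rules.

GATEWAY="${GATEWAY:-203.0.113.1}"
CORP_NET="${CORP_NET:-10.0.0.0/8}"

# Exposed configuration: the tunnel may be up, but every interface still
# answers and the host may forward between them, so any service on the
# laptop is reachable from the untrusted network and the laptop can be
# used as a relay into the corporate network.
build_split_rules() {
  cat <<'EOF'
iptables -P INPUT ACCEPT
iptables -P OUTPUT ACCEPT
iptables -P FORWARD ACCEPT
EOF
}

# Locked-down configuration: inbound, accept only loopback, replies to our
# own flows, IKE (UDP 500/4500) and ESP from the gateway, and packets that
# arrived inside the IPsec SA from the corporate network. Outbound, allow
# only loopback, IKE/ESP to the gateway, and packets that will leave inside
# the SA. Never forward, so the laptop cannot become a gateway.
build_tunnel_only_rules() {
  gw="$1"; net="$2"
  cat <<EOF
iptables -F INPUT
iptables -F OUTPUT
iptables -F FORWARD
iptables -P INPUT DROP
iptables -P OUTPUT DROP
iptables -P FORWARD DROP
iptables -A INPUT -i lo -j ACCEPT
iptables -A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
iptables -A INPUT -s $gw -p udp --dport 500 -j ACCEPT
iptables -A INPUT -s $gw -p udp --dport 4500 -j ACCEPT
iptables -A INPUT -s $gw -p esp -j ACCEPT
iptables -A INPUT -s $net -m policy --dir in --pol ipsec --proto esp -j ACCEPT
iptables -A OUTPUT -o lo -j ACCEPT
iptables -A OUTPUT -d $gw -p udp --dport 500 -j ACCEPT
iptables -A OUTPUT -d $gw -p udp --dport 4500 -j ACCEPT
iptables -A OUTPUT -d $gw -p esp -j ACCEPT
iptables -A OUTPUT -d $net -m policy --dir out --pol ipsec --proto esp -j ACCEPT
EOF
}

# Read back the default policy of a chain from a generated rule set:
#   default_policy INPUT build_tunnel_only_rules 203.0.113.1 10.0.0.0/8
# prints DROP. Useful as a sanity check before applying anything.
default_policy() {
  chain="$1"; shift
  "$@" | awk -v c="$chain" '$2 == "-P" && $3 == c { print $4 }'
}

# Usage: sh lockdown.sh print   (show the locked-down rules)
#        sh lockdown.sh apply   (apply them; requires root)
case "${1:-}" in
  print) build_tunnel_only_rules "$GATEWAY" "$CORP_NET" ;;
  apply) build_tunnel_only_rules "$GATEWAY" "$CORP_NET" | sh -e ;;
esac
```

Two caveats a practitioner would want: the rules should be installed before the tunnel is negotiated and removed only after it is torn down, or there is a window in which the host is exposed; and the policy match only distinguishes traffic that was actually decapsulated from the SA, so the corporate prefix must not also be routable in the clear on the untrusted side.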