I'm sorry, I guess I didn't explain the situation properly.
I want to run a security auditor from a machine which
just happens to be a Solaris box with a SoftPC card running
NT inside it. The machine is in charge of the security
of a large network with many layers of firewalls. The
problem is if the local firewall is configured correctly,
this one machine cannot test the remote firewalls because
the local firewall will block the traffic.
Installing and running auditors at all of the remote
firewalls is a less than desirable solution, so the idea
I thought of is to tunnel traffic from the local auditor
to a remote machine at the remote firewall so my auditing
traffic will go through the firewalls and appear on the
other side.
A quick picture:
[Auditor]---[firewall]---[ATM]---[firewall]---[remotehost]
<-----------[Proposed VPN]---------->
<--[TEST TRAFFIC]
The VPN would (should?) allow my traffic from the auditor
to travel through the network safely to the remote host,
which would extract the actual network data from the VPN
so the testing traffic would test from the outside in.
Ideally, I would like to accomplish this using ssh
tunnels, preferably to the extent allowed through patches
to the Linux kernel where a virtual interface is created
and bound to an ssh connection so the interface may be
addressed like any other network interface.
Thanks,
~Patrick