Of our engineering staff, the ones who are compute literate are usually
running linux or openbsd. They have a personal firewall configured using
ipchains or ipf. Our support people and non-savvy individuals are provided
with either a Linksys or comparable home-office firewall. This unit is
usually configured by me before installation on the home network. In fact,
I have made it a point that we offer a firewall unit to _all_ employees
with a home-office.
Greg
At 06:47 AM 4/23/01 -0700, It's The Zoooomer wrote:
>Yes SSH is great... but what protects the guy with the
>DSL connection...? I have a terrific connection into
>work with SSH but someone else has a terrific back
>door to the machine initating the external SSH
>connection.
>
> Robert
>
>
>
>--- "Gregory D. Nowicki (Greg)" <[EMAIL PROTECTED]>
>wrote:
> > We use ssh on a variety of Windows, Linux, and Sun
> > machines to offer our
> > employees just such a service. We can tunnel
> > virtually all of our remote
> > services through them (including VNC).
> >
> > Greg
> >
> > At 02:43 PM 4/20/01 -0700, It's The Zoooomer wrote:
> > >Well if you're talking about allowing the company
> > >employees (who have DSL at their houses) to be able
> > to
> > >come into the company. We're wrestling with this
> > right
> > >now. We're looking at personal fw's tht we can
> > >configure and protect them at their house and also
> > >have them up to make a secure connection into the
> > >company. some of the cast of characters include
> > >F-Secure, zonealarm, Blackice etc. Anyone had any
> > >success in these areas...?
> > >
> > > Robert
> > >
> > >
> > >--- "Andrew J. Caird" <[EMAIL PROTECTED]> wrote:
> > > > On: Fri, 20 Apr 2001 14:13:41 EDT
> > > > [EMAIL PROTECTED] wrote:
> > > >
> > > > >We do use FW-1, however, do you know if after a
> > > > client's policy is updated
> > > > >(upon logon) does that user then have the
> > ability
> > > > to alter that policy
> > > > >until the next time he/she logs on? My
> > > > understanding is that you can
> > > > >prevent this with ZoneAlert Plus through the
> > use of
> > > > authentication
> > > > >requirements and a centralized password
> > database
> > > > that exists on a file
> > > > >server. Thoughts?
> > > >
> > > > well, access to the keyboard means all bets
> > are
> > > > off, but i believe
> > > > that with a reasonably configured client the
> > > > policy is essentially
> > > > unchangable by the average end user(*).
> > again,
> > > > though, i've never
> > > > used this software, so i'm going on the
> > marketing
> > > > literature i've read. :)
> > > >
> > > > perhaps someone else on this list can share
> > some
> > > > real-life
> > > > experiences?
> > > >
> > > > --andy
> > > >
> > > >
> > > > (*) average end user == a user who can't figure
> > out
> > > > how to circumvent
> > > > the SecureClient policy.
> > > > -
> > > > [To unsubscribe, send mail to
> > > > [EMAIL PROTECTED] with
> > > > "unsubscribe firewalls" in the body of the
> > message.]
> > >
> > >
> > >__________________________________________________
> > >Do You Yahoo!?
> > >Yahoo! Auctions - buy the things you want at great
> > prices
> > >http://auctions.yahoo.com/
> > >-
> > >[To unsubscribe, send mail to
> > [EMAIL PROTECTED] with
> > >"unsubscribe firewalls" in the body of the
> > message.]
> >
> > -
> > [To unsubscribe, send mail to
> > [EMAIL PROTECTED] with
> > "unsubscribe firewalls" in the body of the message.]
>
>
>__________________________________________________
>Do You Yahoo!?
>Yahoo! Auctions - buy the things you want at great prices
>http://auctions.yahoo.com/
>-
>[To unsubscribe, send mail to [EMAIL PROTECTED] with
>"unsubscribe firewalls" in the body of the message.]
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
