(Accidentally did a direct reply this morning -- let's try this again...) If you're really serious about security, I think you should take a second look at VPN. The way I handle VPN configuration for the less computer literate is that I have a test machine on my EXT network that I use to create and test a VPN config. When everything works to my satisfaction, I export the config, copy it to a floppy disk, and send it to the user along with the VPN install CD.
For the end user, it' simply a matter of loading the software and importing the configuration. If the user also needs a host table update, then I have a .BAT file that determines the OS that is running (by looking at the location of LMHOSTS or LMHOSTS.SAM) and copies the updated host file from the floppy to the correct place. Mike Burden Lynk Systems http://www.lynk.com (616)532-4985 [EMAIL PROTECTED] > -----Original Message----- > From: [EMAIL PROTECTED] > [mailto:[EMAIL PROTECTED]] > Sent: Wednesday, March 06, 2002 9:39 AM > To: [EMAIL PROTECTED] > Subject: [gb-users] Security Issues > > > I work for a Company that has developed a web based > Warehousing system for > Vendor Managed Inventory. This has been very successful for > us, however with > the increase in attacks from virus's we made a decision to > restrict access > by ip. This has been very successful from the virus point of > view (0 attacks > in the last year). However our ever enthusiastic salesforce > are pushing for > a relaxing of this. > > If we were to remove the ip restriction, block port 80 and > allow only access > via 443 would this in the panels opinion represent a massive > increase in > risk? We have considered VPN, however the thought of talking a non > IT-literate person through the installation and setup when he > speaks no > English and I speak nothing else and he is umpteen thousand > miles away just > doesn't work for me. > > rgds > > gmcb > > --------------------------------------------------------------------- > To unsubscribe, e-mail: [EMAIL PROTECTED] > To subscribe to the digest version first unsubscribe, then > e-mail: [EMAIL PROTECTED] > For additional commands, e-mail: [EMAIL PROTECTED] > > > --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] To subscribe to the digest version first unsubscribe, then e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
