RE: [WhatsUp Forum] Adding Telnet to the web interface

[Ron Loveday]

Is it possible to ping a certain port i.e.  4.2.2.2 23 not just in WUG   Ron Loveday MIS/DSL Manager 361-884-4411 Phone 361-884-4999 Fax     -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of Jeff Cook Sent: Wednesday, November 13, 2002 2:00 PM To: '[EMAIL PROTECTED]' Subject: RE: [WhatsUp Forum] Adding Telnet to the web interface   I agree with Jay, there are some big security questions you need to ask your self.  However there are even bigger technical questions.  There is a big difference between ping and telnet.  Ping is non interactive.  WUG runs a command and shows the output via the web page.  That is easy to do.  It could do that with telnet, but what good would it do if you can't interact with it.    What you are really looking for is a telnet proxy.  I know that there are some out there.  You could install a proxy server on your WUG server and set a incoming port to the proxy server to then connect to a port on what ever server you wanted to connect to.  The proxy server would need to be able to support telnet.  You would telnet from your PC to the WUG server, on the port you assign (telnet://WUG:64907) then the proxy server would know (because you configured it) that port 64907 would redirect to securenetworkdevice:23.  Because each server would need to be assigned a separate port on the proxy server, you would have to create a link to the notes field for each device.    So there is a way to do it.  I would not suggest it for admin headache and security reasons, but that is your chose not mine.   Good luck if you decide to do it.   Jeff Cook IT Technician Whatcom Educational Credit Union [EMAIL PROTECTED] -----Original Message----- From: Jay Drew [mailto:[EMAIL PROTECTED]] Sent: Wednesday, November 13, 2002 10:28 AM To: [EMAIL PROTECTED] Subject: RE: [WhatsUp Forum] Adding Telnet to the web interface Let's put on our security caps and think about this one for a moment. 1. The intent of some of the target telnet hosts may be to limit who gets in by IP address. 2.  The WUG machine would be a member of that Access Control List 3.  I WEB into the WUG machine from a machine outside of that ACL list, telnet to the target machine and have bypassed the "purpose" of the ACL. 4.  Bypassing the ACL may be acceptable if you do via a strong host.  I don't believe WUG provides that. A. You web into WUG with a password in the clear because WUG is not using HTTPS. B  Someone snoops the traffic, gets your WUG password AND the login/password for the telnet session.  The ACL just became useless. I fully agree with the intent, but I believe the implementation will provide a security hole that I would find unacceptable. And by the way, at least in rev 5 of WUG (I haven't looked at rev 7) the account file for WUG users could be viewed with an ascii viewer and you could pick out username and passwords.  Another warm-fuzzy to think about. Jay At 09:17 AM 11/13/2002 -0500, you wrote: There must be a way to telnet from the whatsup server...when you run the ping command from the web interface, it pings from the whatsup server. -----Original Message----- From: Jason M. Black [mailto:[EMAIL PROTECTED]] Sent: Tuesday, November 12, 2002 2:36 PM To: '[EMAIL PROTECTED]' Subject: RE: [WhatsUp Forum] Adding Telnet to the web interface I saw the one on the IPSwitch page.  I did not like how it looked and that is why I modified the two files I zipped and sent along.   As for telneting from the Whatsup server, I do not think it is possible.  I tried that a while back.   __________________________________________________________________ I think the files I sent are still being sent through the IPSwitch server.   -----Original Message----- From: Jason Humes [mailto:[EMAIL PROTECTED]] Sent: Tuesday, November 12, 2002 1:58 PM To: '[EMAIL PROTECTED]' Subject: [WhatsUp Forum] Adding Telnet to the web interface   I found an article relating to adding the telnet function to the web interface and I tried it out...involved editing the tools.asp file.  It runs the telnet program fine...but the actual connection is originating from the machine that I'm using to view the web...not the actual whatsup server.  The device I'm trying to telnet to is not accessible to my local machine, but obviously it is via the whatsup machine.  Is there anyway to enable telnet from the web interface, originating from the whatsup servers nic, not that of my local machine.  Thanks for the input. Jason D. Humes Applied Computer Solutions 3020 St. Etienne Blvd. Windsor, Ont. Phone : (519) 944-4300 Fax     : (519) 944-4247 Email : [EMAIL PROTECTED]