There is an ActiveX web plug-in
for IIS that essentially is a terminal server client in a web browser(IE
ONLY). You can get it from the Microsoft web site at http://www.microsoft.com/windows2000/downloads/recommended/TSAC/default.asp
It is called Terminal Server
Advanced Client.
There are issues to be aware of
though:
1) It has no ability to use a
non-standard port. You WILL be connecting over
3389
2) You have to be running
IIS. This means that you will either have to reconfig IIS or WUG to use
something other than port 80 (if you already haven't)
3) ONLY works with Internet
Explorer the last time I checked, so connecting from a LINUX box with Netscape
is out
If you can live with those
things, then you have a very good method for connecting to a terminal server via
a web browser, giving yourself all the abilities you would from the terminal
server, i.e. TELNET to internal devices from the outside.
David Summers
214.706.1147
-----Original Message-----
From: John Ferguson [mailto:[EMAIL PROTECTED]]
Sent: Wednesday, November 13, 2002 2:28 PM
To: [EMAIL PROTECTED]; [EMAIL PROTECTED]
Subject: RE: [WhatsUp Forum] Adding Telnet to the web interfaceanother option - the way we do it...Run WUG on a Win2K server and install Terminal Services in remote admin mode. Then you can access it remotely (though not through the web interface) and you can do whatever you need to do (well beyond telnet..)You can set up terminal services for a non-standard port (other than 3389) and you have windows 2000 security working for you. (just keep the security updates current.)
>>> [EMAIL PROTECTED] 11/13/02 03:00PM >>>I agree with Jay, there are some big security questions you need to ask your self. However there are even bigger technical questions. There is a big difference between ping and telnet. Ping is non interactive. WUG runs a command and shows the output via the web page. That is easy to do. It could do that with telnet, but what good would it do if you can't interact with it.What you are really looking for is a telnet proxy. I know that there are some out there. You could install a proxy server on your WUG server and set a incoming port to the proxy server to then connect to a port on what ever server you wanted to connect to. The proxy server would need to be able to support telnet. You would telnet from your PC to the WUG server, on the port you assign (telnet://WUG:64907) then the proxy server would know (because you configured it) that port 64907 would redirect to securenetworkdevice:23. Because each server would need to be assigned a separate port on the proxy server, you would have to create a link to the notes field for each device.So there is a way to do it. I would not suggest it for admin headache and security reasons, but that is your chose not mine.Good luck if you decide to do it.Jeff Cook
IT Technician
Whatcom Educational Credit Union
[EMAIL PROTECTED]-----Original Message-----Let's put on our security caps and think about this one for a moment.
From: Jay Drew [mailto:[EMAIL PROTECTED]]
Sent: Wednesday, November 13, 2002 10:28 AM
To: [EMAIL PROTECTED]
Subject: RE: [WhatsUp Forum] Adding Telnet to the web interface
1. The intent of some of the target telnet hosts may be to limit who gets in by IP address.
2. The WUG machine would be a member of that Access Control List
3. I WEB into the WUG machine from a machine outside of that ACL list, telnet to the target machine and have bypassed the "purpose" of the ACL.
4. Bypassing the ACL may be acceptable if you do via a strong host. I don't believe WUG provides that.
A. You web into WUG with a password in the clear because WUG is not using HTTPS.
B Someone snoops the traffic, gets your WUG password AND the login/password for the telnet session. The ACL just became useless.
I fully agree with the intent, but I believe the implementation will provide a security hole that I would find unacceptable.
And by the way, at least in rev 5 of WUG (I haven't looked at rev 7) the account file for WUG users could be viewed with an ascii viewer and you could pick out
username and passwords. Another warm-fuzzy to think about.
Jay
At 09:17 AM 11/13/2002 -0500, you wrote:
There must be a way to telnet from the whatsup server...when you run the ping command from the web interface, it pings from the whatsup server.
- -----Original Message-----
- From: Jason M. Black [mailto:[EMAIL PROTECTED]]
- Sent: Tuesday, November 12, 2002 2:36 PM
- To: '[EMAIL PROTECTED]'
- Subject: RE: [WhatsUp Forum] Adding Telnet to the web interface
- I saw the one on the IPSwitch page. I did not like how it looked and that is why I modified the two files I zipped and sent along.
- As for telneting from the Whatsup server, I do not think it is possible. I tried that a while back.
- __________________________________________________________________
- I think the files I sent are still being sent through the IPSwitch server.
- -----Original Message-----
- From: Jason Humes [mailto:[EMAIL PROTECTED]]
- Sent: Tuesday, November 12, 2002 1:58 PM
- To: '[EMAIL PROTECTED]'
- Subject: [WhatsUp Forum] Adding Telnet to the web interface
- I found an article relating to adding the telnet function to the web interface and I tried it out...involved editing the tools.asp file. It runs the telnet program fine...but the actual connection is originating from the machine that I'm using to view the web...not the actual whatsup server. The device I'm trying to telnet to is not accessible to my local machine, but obviously it is via the whatsup machine. Is there anyway to enable telnet from the web interface, originating from the whatsup servers nic, not that of my local machine. Thanks for the input.
- Jason D. Humes
- Applied Computer Solutions
- 3020 St. Etienne Blvd.
- Windsor, Ont.
- Phone : (519) 944-4300
- Fax : (519) 944-4247
- Email : [EMAIL PROTECTED]
