Subject: | |
From: | |
Reply To: | |
Date: | Tue, 25 Feb 1997 17:56:18 -0500 |
Content-Type: | text/plain |
Parts/Attachments: |
|
|
Stigers, Gregory - ANDOVER wrote:
>
> I am about to get out of my league here, but we are co-developing an
> application using the 3K as a data server with another software company
> (using IMAGE and COBOL no less!). One of their people wanted me to turn
> on TELNET so that the client can talk to the HP across TCP/IP, replacing
> the current DTC / serial connections currently used by the application.
> Problem is, our IP addresses are real, and I don't want intrepid souls
> hacking our 3K from some Internet connection.
Other than "security by obscurity", telnet is more secure than NS/VT.
Using 5.5's /var/adm/inetd.sec (? inetdsec.net.sys ?) you can specify
which addresses you will service, unlike NS/VT and other NS daemons
that have no filtering.
You can set a reasonable firewall on a router *provided* you by default
deny all connections and permit only what you wish (you can do it the
other way around, but it's not as secure).
NS/VT is only secure in that "not everybody has an NS/VT client".
Jeff Kell <[log in to unmask]>
|
|
|