telnet security

adimatteo
Community Member

The problem that I have with allowing telnet through the firewall is that once the client telnets to the destination host, there is no way to restrict them from hopping all over the network. Assuming that the client has full rights to the destination server, is there a product out there that can proxy this connection but not allow the client to jump from that server to another server?

3 Replies

Richard Burts
Hall of Fame

It is NOT true that there is no way to restrict them from hopping all over the network, at least on Cisco routers. While "access-class in" applied to vty will restrict who can telnet to the router, "access-class out" applied to the vty will restrict destinations to which they can telnet. On devices other than routers I am not aware of a solution for your problem.

HTH

Rick
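
Added example, not part of the thread or any poster's code: a Python check for the vty `access-class ... out` restriction described in the reply above, run over a constructed IOS configuration in which a second vty range was left without it. The config text, ACL numbers, addresses and function names are assumptions for illustration.

```python
import re

# Constructed sample running-config (addresses are documentation ranges).
SAMPLE_CONFIG = """\
access-list 10 permit 192.0.2.0 0.0.0.255
access-list 20 permit host 198.51.100.10
!
line con 0
line vty 0 4
 access-class 10 in
 access-class 20 out
line vty 5 15
 access-class 10 in
!
"""

VTY_RE = re.compile(r"^line vty (\d+)(?: (\d+))?\s*$")
ACL_RE = re.compile(r"^\s+access-class (\S+) (in|out)\b")


def audit_vty(config):
    """Return {vty range: {"in": acl or None, "out": acl or None}}."""
    result, current = {}, None
    for line in config.splitlines():
        if not line.startswith(" "):
            # A non-indented line ends the previous "line ..." block.
            m = VTY_RE.match(line)
            current = None
            if m:
                current = "vty %s" % " ".join(g for g in m.groups() if g)
                result[current] = {"in": None, "out": None}
            continue
        m = ACL_RE.match(line)
        if current and m:
            result[current][m.group(2)] = m.group(1)
    return result


def missing_outbound(config):
    """vty ranges whose sessions can telnet onward to any destination."""
    return [name for name, acl in audit_vty(config).items() if acl["out"] is None]


if __name__ == "__main__":
    for name, acl in audit_vty(SAMPLE_CONFIG).items():
        print(name, acl)
    print("no access-class out:", missing_outbound(SAMPLE_CONFIG))
```
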

I should have made myself clearer. I am strictly talking about unix and MS server type hosts and not network gear. Thank you for your reply.

s.uslay
Level 5

I guess you need to implement AAA security for the first Telnet box that you are telnetting to and restrict that particular userid from telnetting out on that box. Easy to say, might be difficult to implement.

Serhat