Proxy 2.0 secure?
Mon, 29 Jun 1998 21:44:57 GMT



"Brian Steele" <> said :

> >> Try reassigning IP addresses to 200 PCs.  Or 2000.  Remember, each PC at
> >> least on my LAN MUST have a registered name, they are not referenced by
> IP
> >> address, so your DNS config has to be updated as well.
> It's going to take you a LOT longer than two minutes to do that, starting
> with writing that Perl script. 

Not so long ;).. i bet i can do in 2 minutes ;)
> >Ok, i was incorrect. It will fail in heterogenous world, _except_ things
> >that do have MS-aware hooks on it. I think it's better don't rely on
> >MS hooks and just to use standard technologies.
> Define "standard technologies" as regards to OS logon validation.  Doesn't
> everyone has their own standards concerning security mechanisms and their
> implementation?

I'd prefer to see something OS-independant. 

> NT provides a mechanism that allows you to logon to a domain of servers and
> PCs, and not just one server at a time.  Why shouldn't I take advantage of
> this?

a) just because you can't rely on security of PC you try to use for
network access. b) because it works only if _every_ machine in
your network can speak M$ that is not always possible.

If you _can_ rely on any PC security and _every_ machine on the net 
speaks M$.. then security issues with M$ proxy itself start to appear ;) 

                                     _     _  _  _  _      _  _
 {::} {::} {::}  CU in Hell          _| o |_ | | _|| |   / _||_|   |_ |_ |_
 (##) (##) (##)        /Arkan#iD    |_  o  _||_| _||_| /   _|  | o |_||_||_|
 [||] [||] [||]            Do i believe in Bible? Hell,man,i've seen one!

Version: 2.6.3i
Charset: noconv