(PM) Remote POP (fwd)

MegaZone (megazone@megazone.org)
Wed, 20 May 1998 19:45:19 -0700 (PDT)

Messages sorted by: [ date ][ thread ][ subject ][ author ]
Next message: Rick Smith: "Re: (PM) Remote POP Management"
Previous message: Josh Richards: "Re: (PM) STAC Cards"

Once upon a time Scott Rothgaber shaped the electrons to say...
>My question is this: Can the bandwidth from the remote PM3 just go out to
>the cloud, period? Is there any reason that the data must come here first?
>The only thing that comes to mind is RADIUS authentication. The remote
>unit will use the RADIUS servers here. Are passwords and the shared
>secret sent in the clear?
>

You can send it to the public directly - but don't do it. IT will
basically make the PM-3 an independent entity n the Internet And your
RADIUS packets WILL go over the public net. They aren't in the clear, but
they can still be sniffed and then brute forced attacked. Also, any
admin sessions to the unit, syslog, etc, will all go over the public net.

Simply put - EVERYTHING that goes from this PM-3 to your LAN will need
to be sent in the public domain.

it is better to have a centralized feed to the outside world where you can
choke traffic and do DoS filtering and the like. I would never configure
the POP as its own entity.

-MZ

-- 
<URL:mailto:megazone@megazone.org> Gweep, author, webmaster, human being, me
"A little nonsense now and then, is relished by the wisest men" 781-788-0130
<URL:mailto:megazone@gweep.net> <URL:http://www.megazone.org/> Hail Discordia!
-
To unsubscribe, email 'majordomo@livingston.com' with
'unsubscribe portmaster-users' in the body of the message.
Searchable list archive: <URL:http://www.livingston.com/Tech/archive/>

Next message: Rick Smith: "Re: (PM) Remote POP Management"
Previous message: Josh Richards: "Re: (PM) STAC Cards"