Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Firewalls
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

authenticating admins in DMZ

from [sven.de.jonghe] Network Security [Permanent Link]
Subject: authenticating admins in DMZ
Date: 22 Feb 2005 12:47:59 -0000 


Hi,

We have a bunch of admins that need to administer servers in the DMZ using 
Terminal Services. Up till now, they are all logging in using the same 
administrator account on the server. I would prefer having them log in using 
their domain account but obviously, the DMZ servers are not domain members.
What would be the most secure way to set up authentication in the DMZ?
Should I create a new domain in the DMZ and make all servers member of this new 
domain and provide a one way trust to our LAN Domain?
Would it be good to have both DC's communicate via IPSEC?
I don't want any replication of LAN accounts to the DMZ.
I also don't need authentication between servers in the DMZ or webusers logging 
in a website.
I just need admins logging on remotely via TS to be authenticated by our LAN DC.
Is all this a good idea? What are the possible threats involved?

thanx
[More with this subject...]




<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: firewall suggestion, Kevin Russell
Next by Date:  RE: firewall suggestion, Jason Ha
Previous by Thread:  Is this a good firewall?, Kevin Old
Next by Thread:  Re: authenticating admins in DMZ, Shane B. Milburn
Indexes:  [Date] [Thread] [Top] [All Lists]