Hank Nussbacher (HANK%TAUNIVM.BITNET@wiscvm.wisc.edu)
Tue, 7 Apr 87 12:07 IST
I have a feeling this posting might generate quite a bit of
philosphical talk - but I would like to request in advance that I am
not interested in feelings and/or emotions but rather technical solutions.
With that behind me I would like to know about solutions in Tcp/Ip for
the following two areas:
1) Access control:
A) On a system level: How do I go about restricting the use of users
from using Tcp/Ip? I realize that every operating system may have
a different solution but I am interested in hearing concepts and
whether anyone is actually doing it.
B) On a gateway level: If I have a gateway (say something like Bridge
or cisco) do I have any capability of performing any sort of access
control? If yes, is this access control based on connected machines
or can I even exercise access control on a user level (i.e. restrict
FTP or TELNET to a certain group of users on a certain machine).
A) System level: Is there any accounting package that can measure things
like packet transfer (FTP always tells you how many Kb/sec you sent
so it isn't impossible to figure out) levels and Telnet connect time?
B) Gateway level: Is there some gateway or monitoring PC that can do
accounting? Is the accounting per system or can it be broken down
per user (I assume very difficult to do)?
As a side note, anyone who is up on ISO: what is the status of accounting
and access control in ISO? Has it even been thought of?
Thanks in advance,
This archive was generated by hypermail 2.0b3 on Thu Mar 09 2000 - 14:38:06 GMT