> I'd like to block access to the ether0 port for all connections except
> those from our local ISP network, were we geeks login via ssh. That
> way the password would only travel across our LAN segment clear-text.
> If the PMconsole password passes in the clear, I'd like to block this
> to from non-LAN hosts.
What do you use for your gateway to the internet? I use a Cisco and have
filters there. There's generally no need for anyone on the internet to be
able to see my terminal servers...so they can't. Packets detined for my
terminal servers from remote sites are dropped by our internet gateway
router. Return traffic is also blocked.
------------------------------------------------------------------
Jon Lewis <jlewis@fdt.net> | Unsolicited commercial e-mail will
Network Administrator | be proof-read for $199/hr.
________Finger jlewis@inorganic5.fdt.net for PGP public key_______