Re: Secure browsing across insecure LAN
hi ya
On Sun, 16 Feb 2003, Elie De Brauwer wrote:
> I think the most easiest way is to open aan SSH connection to your home,
> enable X11 forwarding en export your browser window to your workplace, this
> is the easiest way but may consume a little more bandwidth.
i presume the corp IT dept know better... to disallow such activities
and all other non-essential (insecure) home networks from connecting to a
secure corp lan
and conversely, am sure you dont wnat your home PCs to show up as a
clickable icon on all of the user's windoze/linux PCs at work
- talk to your manager/firewall admin/it dept/ etc..etc
- if you'/re the IT manager trying to experiment and get your home
pc to browse your corp lan...
- hire a security it guy to come in and set it all up
and blame him/her for any security breaches ..:-)
( that's what outsiders are good for :-)
- you cannot "privately" navigate w/o being noticed/seen/tracked
because you are using the same "copper wire" as the rest of the people
- assuming you want your one PC at home to be seen at your PC at work..
ssh is probably simplest/best ... but its NOT private...
and do need to be able to clear/pass thru the firewalls
- if you require private connections.. you would need to install
a ppp or dsl line at work for you to connect to it from home
- and a 2nd nic port on your pc at work
- what do you mean by "privately"
c ya
alvin
> > In my workplace they just installed Internet access. However, I wish I
> > could navigate privately some sites (for example, Dmoz.org, where I
> > edit), at least privately from some personal in my company with access
> > to the server. So I think in creating some kind of private tunnel
> > between my work's computer and my home's one, and accessing Internet
> > from my home and tunneling to my work.
> >
> > However, I doubt which method could be better (easier to
> > install/manage?), I'm looking to Dante, Ipsec, socat or maybe some other
> > VPN. However, as I only want to secure WWW, maybe I could just use some
> > kind of SSL service, or maybe even some proxy-ssh combo?.
> >
> > Does any one have any suggestion?
>
Reply to: