Next to electronic mail, the most widely used Internet services are telnet (remote login) and ftp (file transfer). The Eagle software has built-in, secure support for telnet and ftp. In addition, you can control the Eagle versions of these facilities to limit their use according to your security policy.
The Eagle software installation replaces the standard telnet and ftp on your Gateway host with Raptor Systems' modified, secure versions. The user interface for telnet and ftp in an Eagle-secured network differs slightly from the standard interface. Raptor Systems describes its telnet and ftp facilities as passthrough facilities. That is, users inside the network interact with the Eagle telnetd and ftpd service daemons on the Gateway host to access remote systems. Once connections between the internal and external hosts are authenticated, data between them passes through the Gateway machine under the control of the secure telnetd and ftpd service daemons.
The Eagle offers facilities for limiting telnet and ftp services. To begin with, connections between internal and external hosts must be authorized in the Eagle authorization file (see Chapter ). Second, individual users may optionally be required to identify themselves, with an encrypted password, before being permitted to use ftp or telnet to access external hosts. Finally, with respect to ftp, a subset of the ftpd service daemon's commands may be specified for each host in the authorization file. There are two such limits for ftpd: putonly and getonly. They allow the system administrator to separately permit write-only or read-only access. Ftpd screens incoming commands and returns an error message if a command is disallowed.
The Eagle may require up to six pieces of information to determine if an ftp or telnet session is authorized. The information needed is:
The destination user name and address are always required. Before gwcontrol can determine what additional user authentication information may be needed, it must have the destination address to determine which authorization rule applies.
The gateway user name and password are required whenever user authentication is enabled. Refer to Chapter for more information about user authentication.
The alternate TCP/IP port number is used to access (via telnet) a service available on the specified port number on a remote host.
In the example below we assume that the following line is in the Eagle's configuration file (see Chapter ):
faraway.outbound.com allow mymachine
This permits users on faraway.outbound.com (a system outside the Eagle-secured network) to connect to mymachine (inside the secure network) via passthrough telnet or ftp. (In this example, firewall.xxx.com is the name of the Eagle.) Figure illustrates a telnet connection from faraway to mymachine:
Note the differences between this example and the standard telnet connection dialogue.
Although this example does not illustrate user authentication, had it been required, the Eagle Gateway would have prompted for a username and password and verified them before connecting to the internal host.
Having been authorized to connect by the Eagle Gateway, the user is now logged in as user username on mymachine via passthrough telnet. The Eagle will continue to transparently pass characters between the two systems until the user logs out.
As you would expect, the login dialogue for ftp also differs from the standard ftp version.
Assume that the Eagle's configuration file contains the following line:
faraway.outbound.com allow mymachine(ftp.getonly)
This allows users on faraway.outbound.com (a remote system outside the Eagle-secured network) access to the internal host mymachine via passthrough ftp, but limits them to downloading files. As with the previous example, the name of the Eagle is firewall.xxx.com. Thus, users on faraway who want to connect to mymachine see the dialog illustrated in figure .
Note the differences between this example and the standard ftp connection dialogue.
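The following is an added example, not Raptor Systems' code, modelling how an authorization file in the form shown above (the earlier description of the putonly and getonly limits and the ftp.getonly rule just given) could be parsed and how a passthrough ftpd could screen commands against those limits. It assumes the rule syntax is exactly "source allow destination[(service.limit)]", that a rule carrying a service qualifier applies only to that service, that lines beginning with # are comments, and that the standard RFC 959 verbs RETR (download) and STOR/STOU/APPE/DELE/RNFR/RNTO/MKD/RMD (modify) are the ones the limit distinguishes; which commands the real Eagle ftpd screens, and its exact error text, are not stated on this page. The sample authorization file is constructed here from the manual's host names.

```python
"""Hypothetical model of Eagle-style authorization rules and ftpd screening.

Added example, not the Eagle product's own code.  Assumed rule syntax:
    <source-host> allow <dest-host>[(<service>.<limit>)]
with service in {ftp, telnet} and limit in {getonly, putonly}.
"""
import re
from dataclasses import dataclass
from typing import List, Optional, Tuple

# Assumption: one rule per line, optional "(service.limit)" qualifier on the
# destination, nothing else on the line.
RULE_RE = re.compile(
    r"^(?P<src>\S+)\s+allow\s+(?P<dst>[^\s(]+)"
    r"(?:\((?P<svc>\w+)\.(?P<limit>\w+)\))?$"
)
SERVICES = {"ftp", "telnet"}
LIMITS = {"getonly", "putonly"}

# Constructed sample authorization file using the manual's host names.
# Whether the real file accepts '#' comments is an assumption.
AUTH_FILE = """\
# source host           destination host (optional service.limit)
faraway.outbound.com  allow mymachine
faraway.outbound.com  allow archive(ftp.getonly)
dropbox.outbound.com  allow mymachine(ftp.putonly)
"""

# Standard FTP verbs that read from the server (data flows to the client)
# versus verbs that change the server's filesystem.  Control verbs such as
# USER, PASS, CWD, PWD, LIST and QUIT fall in neither set and pass through.
READ_CMDS = {"RETR"}
WRITE_CMDS = {"STOR", "STOU", "APPE", "DELE", "RNFR", "RNTO", "MKD", "RMD"}


@dataclass(frozen=True)
class Rule:
    src: str
    dst: str
    service: Optional[str] = None   # None means the rule covers both services
    limit: Optional[str] = None     # 'getonly' or 'putonly' (ftp only)


def parse_auth_file(text: str) -> List[Rule]:
    """Parse authorization lines; a malformed line is an error, not silently skipped."""
    rules = []
    for lineno, raw in enumerate(text.splitlines(), 1):
        line = raw.split("#", 1)[0].strip()   # strip assumed comments
        if not line:
            continue
        m = RULE_RE.match(line)
        if not m:
            raise ValueError(f"line {lineno}: unparsable rule {raw!r}")
        svc, lim = m.group("svc"), m.group("limit")
        if svc is not None and (svc not in SERVICES or lim not in LIMITS):
            raise ValueError(f"line {lineno}: unknown service/limit {svc}.{lim}")
        rules.append(Rule(m.group("src"), m.group("dst"), svc, lim))
    return rules


def find_rule(rules: List[Rule], src: str, dst: str, service: str) -> Optional[Rule]:
    """First rule authorizing src -> dst for service; None means default deny."""
    for r in rules:
        if r.src == src and r.dst == dst and r.service in (None, service):
            return r
    return None


def screen_ftp_command(rule: Rule, command: str) -> Tuple[bool, str]:
    """Decide whether one client FTP command may be passed to the destination.

    Returns (allowed, error_reply).  The 550 reply text is illustrative only.
    """
    parts = command.split()
    verb = parts[0].upper() if parts else ""
    if rule.limit == "getonly" and verb in WRITE_CMDS:
        return False, f"550 {verb} not permitted: host is getonly"
    if rule.limit == "putonly" and verb in READ_CMDS:
        return False, f"550 {verb} not permitted: host is putonly"
    return True, ""


def screen_session(rules: List[Rule], src: str, dst: str, commands: List[str]) -> List[str]:
    """Screen a whole command sequence; 'PASS' marks forwarded, otherwise the error."""
    rule = find_rule(rules, src, dst, "ftp")
    if rule is None:
        return ["connection refused: no authorization rule"]
    return [("PASS" if ok else err) for ok, err in
            (screen_ftp_command(rule, c) for c in commands)]


if __name__ == "__main__":
    rules = parse_auth_file(AUTH_FILE)
    for line in screen_session(rules, "faraway.outbound.com", "archive",
                               ["USER guest", "RETR report.txt", "STOR upload.bin", "DELE x"]):
        print(line)
```

The lookup is default deny: a source/destination pair with no rule is refused before any ftp command is examined, and the limit is evaluated per command so a getonly host still accepts USER, CWD and LIST while rejecting every verb that would modify the filesystem.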
When the connection to the destination host is closed, the service daemons will re-connect to gwcontrol to report that the connection is no longer there. Gwcontrol then removes that connection from the active list and updates the log.
User authentication provides more flexible control of who accesses hosts in your Eagle-protected networks by allowing you to require additional username and password authentication before users can go into or out of your protected network(s). Refer to Chapter for example user authenticated telnet and ftp dialogs.
The telnet and ftp daemons display a message of the day upon initial contact. You can change this message. Edit /usr/adm/sg/gateway_motd to change the telnet message, or /usr/adm/sg/ftp_motd to change the ftp message of the day.