serpretetsky
2[H]4U
- Joined
- Dec 24, 2008
- Messages
- 2,180
If this post looks familiar it's because I have this same post posted at anandtech
Say I have a webserver that is unfixably insecure and is on my local network. What I mean is that if an intruder was determined and had network access to the webserver he could exploit the machine like crazy, and I can't fix that.
I want to be able to access this insecure webserver from outside my network, but obviously I don't want everyone to be able to access this insecure webserver, I need some sort of authentication and authorization to this network service.
I see that what I want already exists in the form of RADIUS servers.
But I'm just not familiar with the concepts, various vendors, and setups. I would prefer something simple, integrated into one solution (integrated into the router i guess) and cheap. I don't require NSA grade security, just something that will raise my security standards from (insecure webserver level)-> (consumer grade router with closed ports secure password level).
I'm also not sure how this would actually work from outside the network. Would I visit some webpage hosted by the router/server that would have me provide a login and password? Would i need to SSH into the router/server and authenticate through CLI? Thanks
Say I have a webserver that is unfixably insecure and is on my local network. What I mean is that if an intruder was determined and had network access to the webserver he could exploit the machine like crazy, and I can't fix that.
I want to be able to access this insecure webserver from outside my network, but obviously I don't want everyone to be able to access this insecure webserver, I need some sort of authentication and authorization to this network service.
I see that what I want already exists in the form of RADIUS servers.
But I'm just not familiar with the concepts, various vendors, and setups. I would prefer something simple, integrated into one solution (integrated into the router i guess) and cheap. I don't require NSA grade security, just something that will raise my security standards from (insecure webserver level)-> (consumer grade router with closed ports secure password level).
I'm also not sure how this would actually work from outside the network. Would I visit some webpage hosted by the router/server that would have me provide a login and password? Would i need to SSH into the router/server and authenticate through CLI? Thanks