[rescue] rear end rescue :-)

Paul paul at techcenter3000.com
Fri Nov 14 23:47:32 CST 2003


Well, off the top of my head, you might look into a good old printserver
that supports serial connection
I have an old milan FastPort with a serial and a parallel...I told it to
'Return printer status' and now it is both a console server and a print
server. Works well for that even though it isn't hugely secure. You could
conceivebly use it to tunnel SSH.

Now, I wonder if you could reverse SSH? I.E. tell a remote box to initiate a
SSH session _TO_ your box, open a term that attaches to kybrd/screen? Kind
of like the old modem cllback security system?


Have you looked at HP's switches? They have some nice stuff.


----- Original Message ----- 
From: "Curtis H. Wilbar Jr." <rescue at hawkmountain.net>
To: <rescue at sunhelp.org>
Sent: Friday, November 14, 2003 9:48 PM
Subject: [rescue] rear end rescue :-)


> Not really ontopic rescue... however I respect the great pool of
> knowledge on this list, and hope that the fact that this "rescues"
> my butt to be close enough to not aggravate the off topic gods....
>
> I'm contracting with a company, and there are a few things we need...
>
> 1. a "enterprise" class switch... at least 16 ports, but 24 would
>    be better.  Something that does Gig and 100baseTX.  If it were
>    not for the fact that they want the Gig for interserver traffic
>    I'd recommend something like a Cisco 2924XL.  If it can do
>    10baseT as well that would be good in case we have the odd
>    console server, etc that might need it.  Right now they have a
>    Dell gigabit switch... but it really is a workgroup type switch
>    (no management, vpn, etc).  Reliability is key... it has to
>    be reliable and dependable.
>
> 2. a console server... either serial, or one of those fangled
>    ethernet attached video/kb/mouse ones... and if that type it
>    would need to have "client" access from Windows or Linux.
>    A Livingston Portmaster 10 port (we only have half a rack at
>    a colo) would be great... only improvement would be something
>    like that that would support ssh to it rather than just telnet.
>    (I set it up so telnet to a port # gets you to a console port
>    on a hosting box, then I filter those ports out from coming in
>    the ethernet and setup local users that initiate telnet's to
>    localhost and the appropriate port number... only problem is
>    since you can only telnet, the password used is in plaintext
>    so for real security it should be changed each time it is used
>    so if they only supported ssh).
>
> What would make a cool device is a "dongle" that you connect to
> a serial port, and took ethernet in... and supported ssh :-) ...
> that would be cool if it could be produced cheaply enough (although
> a bit wasteful on IP addresses).
>
> Thanks to anyone who has any constructive tips and recommendations.
>
> -- Curt
> _______________________________________________
> rescue list - http://www.sunhelp.org/mailman/listinfo/rescue



More information about the rescue mailing list