CLEANACCESS Archives

October 2005

CLEANACCESS@LISTSERV.MIAMIOH.EDU

Subject:
From: "Bradford B. Saul" <[log in to unmask]>
Reply To: Perfigo SecureSmart and CleanMachines Discussion List <[log in to unmask]>
Date: Thu, 13 Oct 2005 20:57:18 -0400

The idea is to provide a single solution for guest access. The password would have an aging
time in the hours, somewhere from 12 to 36. Also the users would be limited to ports
80, 443, and maybe VPN. Just trying to think of a simple and automagic way to provide guest
access with some sort of audit trail.

Brad

---- Original message ----
>Date: Thu, 13 Oct 2005 12:02:17 -0700
>From: John Stauffacher <[log in to unmask]>  
>Subject: Re: User Initiated Guest Access???  
>To: [log in to unmask]
>
>Aside from conference services -- why would you do this? Unless of 
>course your CCA implementation is sandboxed (as ours is), seems you're 
>opening up a lot of risk. Is the idea to keep machines in compliance 
>rather than having an audit trail? Would you warehouse the user/pass 
>combos or just purge them after 24hrs? Where would they live? Separate 
>LDAP or RDBMS or RADIUS? Seems like kind of an odd setup.
>
>Bradford Saul wrote:
>
>>This may sound a little crazy but here is what I have in mind for Guest
>>Access via Perfigo/CCA.
>>
>> - User connects to network
>> - Perfigo/CCA prompts for auth
>> - User enters a valid e-mail address
>> - 24 hour username/password is generated and e-mailed to said account
>> - Un-authenticated users are permitted 10 min of port 80/443 access to web
>>    to retrieve username/password
>> - User authenticates using new account/password
>>
>>Anyone had any thoughts along this line.  And, any chance anyone is already
>>doing this?
>>
>>Thanks...
>>
>>Brad
>>-----------------------------------
>>Bradford B. Saul
>>Lead Network Engineer
>>IT - Network Engineering
>>Hoffman Hall Room 10
>>MSC 0601
>>James Madison University
>>Harrisonburg, VA 22807
>>V: (540) 568-2379
>>F: (540) 568-1696
>>M: (540) 435-3079
>>[log in to unmask]
>>  
>>
>
>
>-- 
>John Stauffacher, CISSP
>Network Administrator
>Chapman University
>[log in to unmask]
>ph: 714.628.7249
>"It's amazing how much you take for granted when you already know what you are doing."
>"there is no /usr/local on my C:\ drive!"
>
-----------------------------------
Bradford B. Saul
Lead Network Engineer
IT - Network Engineering
Hoffman Hall Room 10, MSC 0601
James Madison University
Harrisonburg, VA 22807
V: (540) 568-2379
F: (540) 568-1696
M: (540) 435-3079
[log in to unmask]
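
A sketch of the credential lifecycle discussed in this thread, added here as an illustration and not part of either poster's message or of Perfigo/CCA: a 24-hour guest account tied to an e-mail address, stored only as a salted hash, purged on expiry while the audit trail is retained. The class, method and field names are hypothetical, the store is in-memory, and the port 80/443 restriction is assumed to be enforced by the access appliance rather than by this code.

```python
import hashlib
import hmac
import secrets
import time

TTL_SECONDS = 24 * 3600   # 24-hour account from the thread (12 to 36 hours also floated)
PBKDF2_ROUNDS = 100_000   # assumed work factor for this sketch


class GuestAccounts:
    """Hypothetical in-memory store; LDAP, an RDBMS or RADIUS would replace the dicts."""

    def __init__(self, clock=time.time):
        self.clock = clock
        self.accounts = {}   # username -> {email, salt, hash, expires}
        self.audit = []      # append-only trail, kept after credentials are purged

    def _log(self, event, username, **detail):
        self.audit.append({"ts": self.clock(), "event": event, "user": username, **detail})

    def _hash(self, password, salt):
        return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, PBKDF2_ROUNDS)

    def issue(self, email, client_mac):
        """Create a guest account; the caller e-mails the returned pair to `email`."""
        username = "guest-" + secrets.token_hex(4)
        password = secrets.token_urlsafe(12)
        salt = secrets.token_bytes(16)
        self.accounts[username] = {"email": email, "salt": salt,
                                   "hash": self._hash(password, salt),
                                   "expires": self.clock() + TTL_SECONDS}
        self._log("issued", username, email=email, mac=client_mac)
        return username, password

    def authenticate(self, username, password, client_mac):
        """Accept only an unexpired account with a matching password; log every attempt."""
        rec = self.accounts.get(username)
        ok = False
        if rec is not None and self.clock() < rec["expires"]:
            ok = hmac.compare_digest(self._hash(password, rec["salt"]), rec["hash"])
        self._log("login_ok" if ok else "login_fail", username, mac=client_mac)
        return ok

    def purge_expired(self):
        """Delete expired credentials; the audit entries that name them stay."""
        now = self.clock()
        expired = [u for u, r in self.accounts.items() if now >= r["expires"]]
        for u in expired:
            del self.accounts[u]
            self._log("purged", u)
        return expired
```

After a purge, the `issued` entry still maps the guest username to the e-mail address and MAC it was issued to, which is the record an investigator would need once the password itself is gone.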
