[ previous ] [ next ] [ threads ]
 
 From:  "Jimmy Bones (Mhottie)" <mhottie at gmail dot com>
 To:  "Lee Sharp" <leesharp at hal dash pc dot org>
 Cc:  m0n0wall at lists dot m0n0 dot ch
 Subject:  Re: [m0n0wall] Disable WebGUI and use Shell only?
 Date:  Thu, 9 Mar 2006 23:23:05 -0500
It might be, but the client in question is a small business, and everyone
shares roles. There are some nosy people in the office that think they know
how to "fix" computers, and to alleviate larger problems and issues it would
be best to avoid them from seeing a webGUI.

I never really noticed this until now, but why can you not ssh into a
m0n0wall box for manual config and/or status monitoring w/o a gui?

Thanks for your replies.



On 3/9/06, Lee Sharp <leesharp at hal dash pc dot org> wrote:
>
> From: "Jimmy Bones (Mhottie)" <mhottie at gmail dot com>
>
> > Is there a way to disable the webgui and configure/access via shell/ssh
> > only?
>
> No.  First, m0n0wall has no shell.  Second, the web GUI is not a config
> tool, but the backbone of the system.
>
> > Or maybe run the webgui on an odd port, etc? Have the console menu dump
> > into
> > a shell login prompt instead of console menu, etc?
>
> Pick any port.  And run it with ssl if you want.
>
> > I ask because we are going to setup a m0n0 box in a small office that
> has
> > several nosy people in it that will want to start "playing with
> settings".
> > I
> > would like to do the inital config in the webgui, then disable it and
> > continue to configure via a shell, etc. and keep it that way.
>
> This is not a technical problem, and can not be solved with a technical
> solution.  However, the new Sarbanes Oxley regulations can be your friend
> here.  "I am not sure about this.  Isn't giving access to the firewall to
> people not on the security team a violation of Sarbanes-Oxley?  Should we
> ask legal, or the auditors?"
>
>                         Lee
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: m0n0wall dash unsubscribe at lists dot m0n0 dot ch
> For additional commands, e-mail: m0n0wall dash help at lists dot m0n0 dot ch
>
>