|
||||||||
From: "Jimmy Bones (Mhottie)" <mhottie at gmail dot com> > On 3/9/06, Lee Sharp <leesharp at hal dash pc dot org> wrote: > > From: "Jimmy Bones (Mhottie)" <mhottie at gmail dot com> > > > Is there a way to disable the webgui and configure/access via > > > shell/ssh > > > only? > > No. First, m0n0wall has no shell. Second, the web GUI is not a config > > tool, but the backbone of the system. > I never really noticed this until now, but why can you not ssh into a > m0n0wall box for manual config and/or status monitoring w/o a gui? Cause there ain't no shell. Or ssh, or command line, or cli, or anything other than the limited consol, and the gui. But you can GET an ssh from Fred Mol at http://www.xs4all.nl/~fredmol/m0n0/ You will still need to have the GUI, however. > > This is not a technical problem, and can not be solved with a technical > > solution. However, the new Sarbanes Oxley regulations can be your > > friend > > here. "I am not sure about this. Isn't giving access to the firewall > > to > > people not on the security team a violation of Sarbanes-Oxley? Should > > we > > ask legal, or the auditors?" > It might be, but the client in question is a small business, and everyone > shares roles. There are some nosy people in the office that think they > know > how to "fix" computers, and to alleviate larger problems and issues it > would > be best to avoid them from seeing a webGUI. A high random port and SSL is your best bet. Or, port 139. Everyone knows what that is, and yet no one expects it to actually work right. :-) Lee |