[ previous ] [ next ] [ threads ]
 
 From:  "Jimmy Bones (Mhottie)" <mhottie at gmail dot com>
 To:  "Lee Sharp" <leesharp at hal dash pc dot org>
 Cc:  m0n0wall at lists dot m0n0 dot ch
 Subject:  Re: [m0n0wall] Disable WebGUI and use Shell only?
 Date:  Fri, 10 Mar 2006 13:49:32 -0500 
Thank you for the link, this looks like just what I may need.

http://www.xs4all.nl/~fredmol/m0n0/ <http://www.xs4all.nl/%7Efredmol/m0n0/>

On 3/9/06, Lee Sharp <leesharp at hal dash pc dot org> wrote:
>
> From: "Jimmy Bones (Mhottie)" <mhottie at gmail dot com>
> > On 3/9/06, Lee Sharp <leesharp at hal dash pc dot org> wrote:
> > > From: "Jimmy Bones (Mhottie)" <mhottie at gmail dot com>
>
> > > > Is there a way to disable the webgui and configure/access via
> > > > shell/ssh
> > > > only?
>
> > > No.  First, m0n0wall has no shell.  Second, the web GUI is not a
> config
> > > tool, but the backbone of the system.
>
> > I never really noticed this until now, but why can you not ssh into a
> > m0n0wall box for manual config and/or status monitoring w/o a gui?
>
> Cause there ain't no shell.  Or ssh, or command line, or cli, or anything
> other than the limited consol, and the gui.  But you can GET an ssh from
> Fred Mol at http://www.xs4all.nl/~fredmol/m0n0/  You will still need to
> have
> the GUI, however.
>
> > > This is not a technical problem, and can not be solved with a
> technical
> > > solution.  However, the new Sarbanes Oxley regulations can be your
> > > friend
> > > here.  "I am not sure about this.  Isn't giving access to the firewall
> > > to
> > > people not on the security team a violation of Sarbanes-Oxley?  Should
> > > we
> > > ask legal, or the auditors?"
>
> > It might be, but the client in question is a small business, and
> everyone
> > shares roles. There are some nosy people in the office that think they
> > know
> > how to "fix" computers, and to alleviate larger problems and issues it
> > would
> > be best to avoid them from seeing a webGUI.
>
> A high random port and SSL is your best bet.  Or, port 139.  Everyone
> knows
> what that is, and yet no one expects it to actually work right. :-)
>
>                         Lee
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: m0n0wall dash unsubscribe at lists dot m0n0 dot ch
> For additional commands, e-mail: m0n0wall dash help at lists dot m0n0 dot ch
>
>