Spiceworks App - VPN Or No VPN?
-
I open the SSL port when I actually use it a lot. Most places I do not use it enough outside the network to need to.
-
SSL is all that I would do. SSL is a form of VPN. You can hack an extra authentication step if you really want.
-
@JaredBusch said:
I open the SSL port when I actually use it a lot. Most places I do not use it enough outside the network to need to.
I am the ONLY one who uses it...mainly for the network scanner and I do store my knowledge base there and I enter a ticket myself for all issues so I can refer back to them. Guess it doesn't hurt to take 2-3 steps to VPN so I can enter a ticket and take a glance at things. I've been trying for a while to get people to OPEN tickets themselves but we are just too small for that...easier to email or walk by.
-
Have them use the email but instead of sending to you, send to support, or whatever other address you setup.
-
@Dashrender said:
Have them use the email but instead of sending to you, send to support, or whatever other address you setup.
Tried that too...LOL. I am resigned to just keeping it as my own personal KB and I do love it...really helps a SOLO IT shop for sure. Since I've been test driving a Note 5 and contemplating leaving my beloved Windows Phone behind. The Spiceworks App (heck most of the missing apps_) has been like Christmas Morning to me.
-
@garak0410 said:
@Dashrender said:
Have them use the email but instead of sending to you, send to support, or whatever other address you setup.
Tried that too...LOL. I am resigned to just keeping it as my own personal KB and I do love it...really helps a SOLO IT shop for sure. Since I've been test driving a Note 5 and contemplating leaving my beloved Windows Phone behind. The Spiceworks App (heck most of the missing apps_) has been like Christmas Morning to me.
LOL yeah I'd love to have my SB app back!
-
@Dashrender said:
@garak0410 said:
@Dashrender said:
Have them use the email but instead of sending to you, send to support, or whatever other address you setup.
Tried that too...LOL. I am resigned to just keeping it as my own personal KB and I do love it...really helps a SOLO IT shop for sure. Since I've been test driving a Note 5 and contemplating leaving my beloved Windows Phone behind. The Spiceworks App (heck most of the missing apps_) has been like Christmas Morning to me.
LOL yeah I'd love to have my SB app back!
Won't take thread off topic but it is hurting to move away from WP right now.
-
WP?
-
-
OH!!!
I could only think of WordPress and that made no sense.
-
@scottalanmiller said:
SSL is a form of VPN.
I think that's the key point. I didn't appreciate this until recently when I started a thread on ML. I think it was explained to me by @NetworkNerd, or maybe you. It put my mind at rest and I've since been happy to expose some of our internal web servers to the internet..
-
@Carnival-Boy said:
@scottalanmiller said:
SSL is a form of VPN.
I think that's the key point. I didn't appreciate this until recently when I started a thread on ML. I think it was explained to me by @NetworkNerd, or maybe you. It put my mind at rest and I've since been happy to expose some of our internal web servers to the internet..
The key in this regard is to not expose port 80. Though I'm sure hackers can still exploit flaws in the listener for SSL, when they exist.
The problem with not exposing port 80, when a user types in www.website.com they won't be automatically redirected to the SSL page, I'm pretty sure normally they get a page can't be displayed error.I wonder, can most firewalls be setup to forward a port 80 request automatically to the designated SSL port? What am I asking, of course they can - is that common is the better question.
-
@Dashrender said:
I wonder, can most firewalls be setup to forward a port 80 request automatically to the designated SSL port? What am I asking, of course they can - is that common is the better question.
Yes, it is called port address translation (PAT) or port forwarding. I know of no router that cannot do this.
-
@scottalanmiller said:
@Dashrender said:
I wonder, can most firewalls be setup to forward a port 80 request automatically to the designated SSL port? What am I asking, of course they can - is that common is the better question.
Yes, it is called port address translation (PAT) or port forwarding. I know of no router that cannot do this.
Will the browser have any issue with the fact that it started an insecure connection, and the webserver is only talking a secure one?
-
@Dashrender said:
Will the browser have any issue with the fact that it started an insecure connection, and the webserver is only talking a secure one?
No, the browser has no say.
-
@Dashrender said:
The key in this regard is to not expose port 80. Though I'm sure hackers can still exploit flaws in the listener for SSL, when they exist.
You can bind SSL to port 80 if you want. the browsers won't care.
