The Internet effectively networks the world together via the World Wide Web.
Using that amazing mechanism to access your Redhat Linux Server from remote
sites without the need for direct modem lines or other communication
infrastructure is easily done. HOWEVER, if care is not taken to block out the
world and only allow in your users, you may open your accounting data to the
world.
ICommander Corporation implementation of remote access to a Redhat Linux Server is primarily aimed at making that access secure. This starts with limiting what can get through via the router that controls the access of the LAN to the outside world via the Internet. It also involves setting up a Linux Firewall and installing port monitoring and intrusion detection software to further block any unauthorized access.
We allow outside connections only via a particular port that encrypts all outgoing data and will only accept encrypted incoming data. The Anziowin Terminal Emulation and Communication software used on PC's accessing the Linux Server includes the client side of this encryption. Because all data coming in and going out is through this private encrypted connection going across the Internet servers involved, it is sometimes referred to as a "tunnel" through the otherwise public Internet network.
ICommander goes even further in assuring that only authorized remote users may access the Redhat Linux Server. Any server setup to allow the remote access uses login profiles that disable direct access to the Linux operating system when the connection is from outside the Local Area Network.
All remote connections instead invoke an ICommander logon that enables further verification by the ICommander Menu System to verify that the connection is via the Anziowin software and that various codes and configuration details on the connecting PC are as required for ICommander access. The connecting IP Address is validated when possible (not possible when a modem is used to access the Internet or the high-speed connection involved does not provide a fixed IP Address). Remote users also need to know the current remote access code allowed for this server and the physical address of the Network Card in the connecting PC must be registered in ICommander System Control.
This may sound a little paranoid but it is necessary. People on Internet WILL
try to access your Linux Server. Only the allowed encrypted port will make it
through but, if you review logs of all connection attempts that are always
accumulated by the Linux Operating System, you will be surprised how many
attempts there will be at various times. Our paranoid approach assumes someone
may be successful at some point in accessing a valid user account even though we
use strong passwords. Any failure on the series of additional validations
required after successful login will immediately terminate the connection and
will result in additional logs that document the failed attempt.