Jenkins amplification

Michael Thomas mike at mtcc.com
Mon Feb 3 19:43:54 UTC 2020


On 2/3/20 10:48 AM, Christopher Morrow wrote:
>
> Sorry, to be a little less flippant and a bit more productive:
>    "I don't think every remote endpoint needs full access (or even some
> compromise based on how well you can/can't scale your VPN box's
> policies) access to the internal network. I think you don't even want
> to provide this access based on some loose ideas about 'ip address'
> and 'vpn identity'."
>
> Ideally you'd be able to authenticate and authorize and even
> account(!) based on a real user-id + passwd + token (2fa thing).
> Something akin to this:
>    https://cloud.google.com/beyondcorp/
>
> maybe using the googz work directly isn't your cup-o-joe(jane?) but...
> the idea itself is the point I was aiming for.


So somebody is using the internet as it was originally designed. Will 
miracles never cease.

Mike




More information about the NANOG mailing list