Saturday, September 14, 2019

Question about Firewall Feature of SecureCRT

Hi Folks,

hope anyone has an idea about the following situation.
I posted the same in /r/SecureCRT but I fear it is not that active.

Here is the situation:

I have a remote Linux machine which I can access from my client directly.
This Linux machine is one of a very few hosts that is allowed to access a certain part of the network.
Therefore I use this Linux machine as a Jumphost.

To make my life a lot easier, there is the "Firewall" Feature in SecureCRT.
In my opinion it should be called proxy or jumphost feature - because that is exactly what it is doing.
I can save direct connections to hosts in the certain network and SecureCRT is "jumping" automatically over the Linux Jumphost.

But here is the catch:
When you access a Linux machine, you see every login and everything in the lastlog, right?
When I "jump" over my Linux machine using the firewall feature of SecureCRT...
... I never ever see anything at all about it in the lastlog... and also nowhere else.

I have root rights on this Linux Jumphost, and I am unable to find any trace at all about any login when my SecureCRT is clearly using it as Firewall for sessions to hosts logically "behind" it.

Has anyone maybe an idea why that might be this way?

Would appreciate any input very very much.

Thanks a lot in advance and best regards!



No comments:

Post a Comment