RE: regarding poduct

["Loomis, Rip" <GILBERT.R.LOOMIS () saic com>]

The solution would appear to be:
1.  Have a database indicating which accounts
    are paid up, and their expiry date.  Be
    able to export the list of "newly expired
    users" every night at 1 AM (for example).

2.  Every night at 2 AM (for example) have a
    script run under cron (or the NT equivalent
    service) that locks all the newly expired
    accounts.

A better variation would be for the locking
routine to actually query for account status
in real time, and get a list of all valid
account names (from the payment database) and
their status.  Then the locking routine could
review all the accounts in existence and take
one of the three following actions:
1.  Account is valid and paid up - no action
2.  Account is valid but expired - lock it
3.  Account is invalid - call in the cavalry
    to investigate unusual event.

I could write such a setup, with Perl scripts
and .dbm files for the backend and a web
administrative front end, in a couple
of hours and test it in a couple of days.
So could any good UNIX system administrator,
and you could do similar if not identical
things using Microsoft tools.

I must say as an editorial comment (and I would
feel obliged to point this out to a customer
as well) that this is a crappy business model
and I hope you aren't depending on this as
your principal revenue...but I hope this helps.

Rip Loomis              Voice Number: (410) 953-6874
--------------------------------------------------------
Senior Security Engineer
Center for Information Security Technology
Science Applications International Corporation
http://www.cist.saic.com



> -----Original Message-----
> From: sathyanarayanan [mailto:satsv55 () yahoo com]
> Sent: Tuesday, March 13, 2001 11:54 PM
> To: John Adams; firewall-wizards () nfr com
> Subject: Re: [fw-wiz] regarding poduct
>
>
> hi John,
>    i had little bit phrased the question wrongly,
>   it is not webserver, but getting into the internal
> network itself.(as we normally map a drive or space to
> someother guy from our system , giving right for him
> to use in our computer.)
> Likewise the client would be given right to somespace
> for accessing his files stored by us , inside our
> network , for a stipulated lease period.
>    when the period expired he should pay again to get
> the rights to access the files.I am just wondering
> whether there is any software that would do
> automatically disabiling the client when the lease
> period expires.
>  thanks
> yours
> sathya
>  
>
>
>
> --- John Adams <jna () retina net> wrote:
> > You can handle this using existing system tools. 
> >
> > If your webserver is Solaris or Linux, use 'usermod'
> >
> > If your webserver is NT, use Users and Groups to set
> > an expiry date for
> > his account.
> >
> > -john
> >
> > On Sun, 11 Mar 2001, sathyanarayanan wrote:
> >
> > >  Hi guys,
> > >     I am in search of a product which does the
> > > following function.
> > > When a client comes to our office and gets a login
> > id
> > > to access our webserver for a period of time.
> > >  when the time period expires , we are in need of
> > > product which denies him access to our web server
> > or
> > > web site or the files to which he is given access,
> > > automatically .
> > >  Is there a any security product , which prevents
> > his
> > > access by temporary locking his computer from
> > access
> > > to our site, using his IP address or our IP
> > address,
> > > unless we give him a password , which enables him
> > > again to access our site.
> > >
> > > yours
> > > sathyanarayanan
>
> __________________________________________________
> Do You Yahoo!?
> Yahoo! Auctions - Buy the things you want at great prices.
> http://auctions.yahoo.com/
> _______________________________________________
> firewall-wizards mailing list
> firewall-wizards () nfr com
> http://www.nfr.com/mailman/listinfo/firewall-wizards
_______________________________________________
firewall-wizards mailing list
firewall-wizards () nfr com
http://www.nfr.com/mailman/listinfo/firewall-wizards