Display web content from a secured device on an Intranet site?
October 20, 2006 9:20 AM Subscribe
Display web content from a secured device on an Intranet site?
My company uses a Barracuda Spam Firewall to control our spam. For those who don't know, it's basically a small linux box that is configured and managed through a web browser. After you log into the web interface you are taken to the main screen listing spam statistics with colorful graphs. My boss would like to make those statistics and graphs available on our Intranet (because bosses love statistics and colorful graphs). Not daily or weekly updates but with the Intranet page pulling live content from Barracuda. I've seen similar things done with content from public sites like Weather Bug (so I know it's technically possible), but is this possible if the content requires a password?
My company uses a Barracuda Spam Firewall to control our spam. For those who don't know, it's basically a small linux box that is configured and managed through a web browser. After you log into the web interface you are taken to the main screen listing spam statistics with colorful graphs. My boss would like to make those statistics and graphs available on our Intranet (because bosses love statistics and colorful graphs). Not daily or weekly updates but with the Intranet page pulling live content from Barracuda. I've seen similar things done with content from public sites like Weather Bug (so I know it's technically possible), but is this possible if the content requires a password?
Depending on the authentication used, you may be able get away with something simple like
<iframe src="http://username:password@barracude.ip.address" />
and tweak from there.
This opens gigantic security holes, but it's QnD
*
posted by unixrat at 10:13 AM on October 20, 2006
<iframe src="http://username:password@barracude.ip.address" />
and tweak from there.
This opens gigantic security holes, but it's QnD
*
posted by unixrat at 10:13 AM on October 20, 2006
Unless there's something unusually awkward about the firewall or your intranet server, any competent server-side developer will be able to pull the content across with a little scripting. Just bear in mind that having a copy of your firewall password sat somewhere in the intranet isn't going to improve your network security.
posted by malevolent at 10:14 AM on October 20, 2006
posted by malevolent at 10:14 AM on October 20, 2006
Response by poster: any competent server-side developer will be able to pull the content across with a little scripting
I'm afraid we're fresh out of those. I'm no programmer by any stretch of the imagination. To clearify, this falls into the category of "wouldn't it be neat if we could...", not "go out and hire somebody". And I agree about the security concerns. Having the Barracuda admin password in plain text anywhere is not an option. I would prefer not to even have a hash of the password available.
After giving it some more thought, I suppose another option would be to just grab the stats a several times a day and move them to an Intranet page. If it makes this task easier, it would be better than nothing.
posted by bda1972 at 10:46 AM on October 20, 2006
I'm afraid we're fresh out of those. I'm no programmer by any stretch of the imagination. To clearify, this falls into the category of "wouldn't it be neat if we could...", not "go out and hire somebody". And I agree about the security concerns. Having the Barracuda admin password in plain text anywhere is not an option. I would prefer not to even have a hash of the password available.
After giving it some more thought, I suppose another option would be to just grab the stats a several times a day and move them to an Intranet page. If it makes this task easier, it would be better than nothing.
posted by bda1972 at 10:46 AM on October 20, 2006
Best answer: Another approach to investigate: can the Barracuda save its log files to the network? If so, you could use a log analysis tool to then process and display the stats (this one seems to support Barracuda Spam Firewall log files).
posted by malevolent at 11:11 AM on October 20, 2006
posted by malevolent at 11:11 AM on October 20, 2006
Response by poster: Thanks malevolent, that's a great idea! I never even considered that option. This would probably even give me some more options of how to display the data (and what data to display) instead of just copying Barracuda's graphs.
posted by bda1972 at 5:55 PM on October 20, 2006
posted by bda1972 at 5:55 PM on October 20, 2006
This thread is closed to new comments.
posted by nicwolff at 9:43 AM on October 20, 2006