Re: IPMasqing NFS
Thanks for the feedback, but none of this tells me how to run
nfs over ipmasq/ipchains..
"Stephen E. Hargrove" <firstname.lastname@example.org> writes:
> On 10 May 2001, Chris Majewski wrote:
> > I'm at work, I would like to mount home_machine:/var/mp3, so I can
> > listen to my mp3's. Not a lofty goal, but would be nice pull off at
> > least as proof of principle. If I can do it without compromising the
> > security of my home machine, great; if not, that's fine too. If I
> > can't do it without compromising the security of my work network,
> > that's a showstopper.
> are you taking an unnecessary risk? sure. are you compromising security?
> dunno. i have a cron job that starts and stops nfs on one of my systems
> at specified times. do people try to get in when its running? hell yes.
> but tcp wrappers has stopped them every time (fortunately).
> it's all a question of the risk you're willing to take. kind of like
> running through swamplands. do you think you can make it to the other
> side before the alligators come . . .
> because mine starts and stops at specified times (it's only open for a
> total of 3 hours a day), it's a very small window of opportunity. and, by
> using portsentry, hostsentry and logcheck, i can at least see what's going
> on when the window is open.
> ____) ,_)
> (-(__ -|- _ _
> ____) | (/_\/(/_
> | mailto : email@example.com |
> | linux : http://exitwound.org |
> | mozart : http://mozart.sourceforge.net |
> | buck : http://www.BuckOwensFan.com |
> | High heels are a device invented by a woman |
> | who was tired of being kissed on the |
> | forehead. |
> To UNSUBSCRIBE, email to firstname.lastname@example.org
> with a subject of "unsubscribe". Trouble? Contact email@example.com