
Re: Port forwarding OpenSSH: firewalled box open to non-ssh exploits?



On Friday 16 February 2001 12:37, Jim Breton wrote:
> On Fri, Feb 16, 2001 at 12:19:49PM -0600, Robert Guthrie wrote:
> > 1. Work at all? ...
> Yup.
So I'm not as dumb as I sometimes seem.  Good to know.

> > 2. Open up my server to exploits of other services running on it
> No -- unless there is some kind of weird TCP/IP stack vulnerability
> found in the OS OR there is a hole found in sshd you should be ok.

Also what I was thinking.  Glad to hear it from someone else. (you're 
not just making this up, are you ;-).

> My first choice would be to upgrade that firewall to a Pentium, ...
Not going to happen.  My current budget for electronic equipment is 
$0.  But it's growing by about 30% a month, so by my calculations, in 
about 4 months I'll be able to afford to open up the 486 and 
rearrange some cables!

> forwarding.  (In fact you might be ok with the 486... I'd try that
> out first before taking other measures.)
I will.  It's just going to be hard, as I'll have to be somewhere 
outside of my firewall coming in while my wife examines the effects 
of lots of ssh traffic on the firewall's efficiency.  Glad she used 
to work for an ISP, or I'd be totally on my own!



-- 
Did you know that if you play a Windows 2000 cd backwards, you 
will hear the voice of Satan?

That's nothing!  If you play it forward, it'll install Windows 2000.


