[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Safely exposing a service to the internet

I have a very tight OpenBSD pf firewall.
My ADSL modem also acts as a firewall.
I know how to enable port forwarding in both.
My always-on machine runs Sid.

I'd like to be able to point my WAP-based cell phone
at my home and get a bit of data.  (The data will be
encrypted and then beamed over to my PocketPC where
it will be properly decrypted.)

How many hoops should I jump through for myself for
security?  Naively I would just run apache and when
a properly encrypted request comes in, run a server
process to do whatever is needed, and then return the
data.  Do I have to worry about buffer overflows in
Sid's apache?  Should I make some kind of jail and
put something in a DMZ?

Reply to: