Re: Remote administration of a machine behind NAT
Andrei Popescu <firstname.lastname@example.org> wrote:
> [-- text/plain, encoding quoted-printable, charset: us-ascii, 20 lines --]
> On Tue,09.Sep.08, 07:51:30, Alex Samad wrote:
>> > Or do you have any other ideas?
>> openvpn + iptables.
>> Use openvpn with cert's to create a tunnel and then use iptables on your
>> end to block any traffic, until you want to use it.
> I'm trying to protect myself from some possible rootkit on my mothers
> laptop accessing mine while I do routine administration on hers. Am
> I too paranoid?
No, you're not too paranoid, but I think you've missed the point of
Install OpenVPN on both your mother's PC and your system. Set her PC's
installation to establish the connection to yours. Use the builtin ping
options to keep the connection open through the NAT layers (e.g. if the
smallest NAT timeout is 300 seconds, set the ping timer to 140 seconds).
This will give you an encrypted bi-directional connection between your
system and your mother's PC, which you can then use from your end whenever
you need to do so.