Re: Remote administration of a machine behind NAT

To: debian-user@lists.debian.org
Subject: Re: Remote administration of a machine behind NAT
From: Chris Davies <chris-usenet@roaima.co.uk>
Date: Tue, 09 Sep 2008 10:12:40 +0100
Message-id: <[🔎] 89rhp5x063.ln2@news.roaima.co.uk>
Reply-to: chris@roaima.co.uk
References: <b9WMw-1yI-3@gated-at.bofh.it> <b9WWl-1I0-7@gated-at.bofh.it> <b9XfE-2h7-29@gated-at.bofh.it>

Andrei Popescu <andreimpopescu@gmail.com> wrote:
> [-- text/plain, encoding quoted-printable, charset: us-ascii, 20 lines --]

> On Tue,09.Sep.08, 07:51:30, Alex Samad wrote:
>> > Or do you have any other ideas?
>> 
>> openvpn + iptables.
>> 
>> Use openvpn with cert's to create a tunnel and then use iptables on your
>> end to block any traffic, until you want to use it.

> I'm trying to protect myself from some possible rootkit on my mothers
> laptop accessing mine while I do routine administration on hers. Am
> I too paranoid?

No, you're not too paranoid, but I think you've missed the point of
the suggestion.

Install OpenVPN on both your mother's PC and your system. Set her PC's
installation to establish the connection to yours. Use the builtin ping
options to keep the connection open through the NAT layers (e.g. if the
smallest NAT timeout is 300 seconds, set the ping timer to 140 seconds).

This will give you an encrypted bi-directional connection between your
system and your mother's PC, which you can then use from your end whenever
you need to do so.

Chris

Reply to:

Follow-Ups:
- Re: Remote administration of a machine behind NAT
  - From: Andrei Popescu <andreimpopescu@gmail.com>

Prev by Date: Re: Remote administration of a machine behind NAT
Next by Date: RE: apache2 in Debian - adding vhost - which file to edit?
Previous by thread: Re: Remote administration of a machine behind NAT - VM for support
Next by thread: Re: Remote administration of a machine behind NAT
Index(es):
- Date
- Thread