[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Remote administration of a machine behind NAT - VM for support

Am Mittwoch, 10. September 2008 20:03:08 schrieb Andrei Popescu:
> On Wed,10.Sep.08, 19:50:04, Dexter Filmore wrote:
> > I use a virtual machine for support and have my router forward ssh there.
> > Something simple with fluxbox or even no X at all, should fit a 32MB VM
> > and come up within a blink of an eye. For extra paranoia you can revert
> > to a clean snapshot after finishing the session.
> > So if the VM isn't up Joe Random Hacker can scan port 22 all day.
>
> That's a very nice idea, I had totally forgotten about the
> virtualization technologies available in Debian.
>
> Regards,
> Andrei

Extra paranoia: forward a different port than 22, lets say 2222(inet) to 22
(lan/vm) and conf the client script to connect to that port. reduces port 22 
attacks a great deal.
Port knocking perhaps?


-- 
-----BEGIN GEEK CODE BLOCK-----
Version: 3.12
GCS d--(+)@ s-:+ a C++++ UL++ P+>++ L+++>++++ E-- W++ N o? K-
w--(---) !O M+ V- PS+ PE Y++ PGP t++(---)@ 5 X+(++) R+(++) tv--(+)@ 
b++(+++) DI+++ D- G++ e* h>++ r* y?
------END GEEK CODE BLOCK------

http://www.vorratsdatenspeicherung.de
Reply to: