On Sun, 2011-04-03 at 15:25 +0300, Dotan Cohen wrote: > Not a Debian-specific question, but I turn to the best brains that I know. > > Assuming a LAN with a router and three machines: > 10.0.0.1 Router > 10.0.0.2 Computer1 > 10.0.0.3 Computer2 > 10.0.0.4 Computer3 > > The router sits on an outside IP address of 123.45.67.89. There is no > DMZ or port forwarding assigned on the router to any of the other > machines. > > Is there any way an individual from outside the LAN could access a > resource (Apache for instance, or SSH) on Computer1 assuming that he > knows Computer1's LAN IP address? Would this this be possible if he > had access to Computer1 and could configure it somehow (without > configuring the router)? > > Thanks. > To my knowledge, no, there is not. Only if the traffic is part of an existing connection created by one of the machines inside your LAN. If he wants access to computer 1, your router would need to be compromised (or computer 1 using some kind of malware, then computer 1 could initiate the traffic itself. The malware could be hosted on an external website you need to visit). Kind regards, Steven
Attachment:
signature.asc
Description: This is a digitally signed message part