On Fri, 1 Sep 2006 21:41:18 +0800 "mop" <[EMAIL PROTECTED]> spake:
> Hi
>
> I have a home network set up with an OpenBSD gateway which is bridged to an
> ADSL router, two Windows XP machines and an assortment of old boxes I play
> around with, and a few IPs available to me. What I want is remote access
> back to my Windows boxes probably using VNC, and to be able to ssh to my
> gateway and into my network. At least one of the sites I wish to connect
> from uses a web proxy and I would have to tunnel through it.
>
> What software/techniques can people suggest, and how much of a risk am I
> exposing myself to by doing this? I have survived this far without it, but
> it would be nice to have. Can I do it without it showing up in a port scan?

Personally, I use OpenVPN to remote back to my home network from work. I also run it on a non-standard higher port so it won't be found during a cursory scan of the firewall. Of course, if someone really wants to scan your whole range they will find it. But I am more worried about someone with a vulnerability-in-hand and no particular target in mind.

If you don't want anyone to find it, you could try something like port-knocking, which is a neat concept, but maybe just too much work for too little. If you really want something like that, I would say authpf would be a great solution.

I have also ridden https out before for OpenVPN when I could not find a good port open on the firewall.

