I am aware of the point made about the Xserver being unsecure. However, I
am running the ltsp on a box behind the dachstein router. Presumably noone
would be able to get to that machine w/o first getting past the router. I'm
not claiming that I'm completely secure, just that the server in my case
only allows specific ip addresses through, not any kind of range, and not
without first creating an IPSec tunnel.
David, the information in question concerning the x-server, are these
standard ports or what would be a better way of doing this?
Joey
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED]]On Behalf Of David Douthitt
Sent: Thursday, June 06, 2002 10:49 PM
To: [EMAIL PROTECTED]
Subject: Re: [leaf-user] tftp and network.conf
On Thu, Jun 06, 2002 at 10:03:21PM -0500, guitarlynn wrote:
On Thursday 06 June 2002 21:28, [EMAIL PROTECTED] wrote:
EXTERN_UDP_PORTS=ip.ad.dr.es/32_tftp
EXTERN_PROTO0=69 ip.ad.dr.es/32
I would presumably also need a line for the x-server, but I
don't know of-hand what it is.. at any rate... does
something like this work?
the stated tftp probably won't work, unless the variable is
matched to a port number. So you will probably need to
find out what port tftp runs on and substitute it in the line.
Port 69 is tftp; the service name is tftp.
The same goes for allowing X-servers, vnc, and anything
else (that should probably been sent through a ssh or
zebedee encrypted tunnel in my view).
vnc uses ports 5900+display# (for standard VNC), 5800+display#
(for Java VNC client) and perhaps one other.
ssh uses port 22.
X is a special case, and requires special handling. You can't
just forward it to another location. ssh has special
handling to forward X connections and can do it well -
and encrypted besides.
X is a well-known security risk; no X server should probably
be on (or available to) the Internet.
___
Don't miss the 2002 Sprint PCS Application Developer's Conference
August 25-28 in Las Vegas -
http://devcon.sprintpcs.com/adp/index.cfm?source=osdntextlink
leaf-user mailing list: [EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/leaf-user
SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
___
Don't miss the 2002 Sprint PCS Application Developer's Conference
August 25-28 in Las Vegas -
http://devcon.sprintpcs.com/adp/index.cfm?source=osdntextlink
leaf-user mailing list: [EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/leaf-user
SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html