>I'd like to access to the hosts of my intranet with private ip's from the
>outside.
>I have the following net:
One or few weeks ago the same questions was up and the list
concluded the discussion with the result, that this best way seems to
be to ssh-portforwarding - that means, you'll use putty
I am new user debian linux,
1. i try to configure in hosts.deny :
ALL:[EMAIL PROTECTED]
and try in hosts.allow :
ALL : 202.xxx.xxx.xx1, 202.xxx.xxx.xx2
But when i try from 202.xxx.xxx.xx1 and 202.xxx.xxx.xx2 the message
is Connection closed by remote host.
how to configure in close all and al
* Ramon Acedo ([EMAIL PROTECTED]) [020210 14:43]:
> I just want that when someone try to access to host1.mydomain.net from the
> internet my firewall (and dns server)
> forward the request to host1.local which has the private ip 192.168.1.20.
I've thought about this problem, but I don't think ther
I am new user debian linux,
1. i try to configure in hosts.deny :
ALL:ALL@ALL
and try in hosts.allow :
ALL : 202.xxx.xxx.xx1, 202.xxx.xxx.xx2
But when i try from 202.xxx.xxx.xx1 and 202.xxx.xxx.xx2 the message
is Connection closed by remote host.
how to configure in close all and allow from
--KFztAG8eRSV9hGtP
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable
* Ramon Acedo ([EMAIL PROTECTED]) [020210 14:43]:
> I just want that when someone try to access to host1.mydomain.net from the
> internet my firewall (and dns ser
Forwarding because I feel this is relevant to Debian Security...
- Original Message -
From: "Phillip" <[EMAIL PROTECTED]>
To: "Debian Bug Tracking System" <[EMAIL PROTECTED]>
Sent: Sunday, February 10, 2002 5:41 PM
Subject: Securing Debian HOWTO:
http://www.debian.org/doc/manuals/securin
Hi!
I'd like to access to the hosts of my intranet with private ip's from the
outside.
I have the following net:
A real domain name server managed by the computer which has the real ip, so
I can set all the names and
subdomains that I need.
A firewall wich is the same host than the dns server I t
Forwarding because I feel this is relevant to Debian Security...
- Original Message -
From: "Phillip" <[EMAIL PROTECTED]>
To: "Debian Bug Tracking System" <[EMAIL PROTECTED]>
Sent: Sunday, February 10, 2002 5:41 PM
Subject: Securing Debian HOWTO: http://www.debian.org/doc/manuals/securin
Hi!
I'd like to access to the hosts of my intranet with private ip's from the
outside.
I have the following net:
A real domain name server managed by the computer which has the real ip, so
I can set all the names and
subdomains that I need.
A firewall wich is the same host than the dns server I
Wichert Akkerman writes:
> Previously Matthew Vernon wrote:
> > retitle 130876 Sending server software version information should be
> > optional
>
> I'm not sure I agree with that: that easily leads to the configurable
> version response option that was discussed on openssh-dev recently wh
Previously Matthew Vernon wrote:
> retitle 130876 Sending server software version information should be optional
I'm not sure I agree with that: that easily leads to the configurable
version response option that was discussed on openssh-dev recently where
it was concluded that is not a good idea.
retitle 130876 Sending server software version information should be optional
severity 130876 wishlist
quit
I'll get back to you in more detail when I have time, but in the mean
time - if you want to produce and maintain (since I'm damn sure
upstream wouldn't want to know) a patch that creates a c
Wichert Akkerman writes:
> Previously Matthew Vernon wrote:
> > retitle 130876 Sending server software version information should be optional
>
> I'm not sure I agree with that: that easily leads to the configurable
> version response option that was discussed on openssh-dev recently where
Previously Matthew Vernon wrote:
> retitle 130876 Sending server software version information should be optional
I'm not sure I agree with that: that easily leads to the configurable
version response option that was discussed on openssh-dev recently where
it was concluded that is not a good idea.
On Sun, Feb 10, 2002 at 02:47:11AM +, Lazarus Long wrote:
> As I have said in the past, this is definitely a security risk.
> There is no reason that such information should be exposed to attackers.
We may as well take down the debian.org web pages, since they expose a
wealth of information to
Lazarus Long <[EMAIL PROTECTED]> writes:
> As I have said in the past, this is definitely a security risk.
No, it isn't. The fact that the SSH protocol encourages implementors
to exhibit version numbers has helped us greatly while recovering from
the catastrophic buffer overflow bug.
> Of cours
retitle 130876 Sending server software version information should be optional
severity 130876 wishlist
quit
I'll get back to you in more detail when I have time, but in the mean
time - if you want to produce and maintain (since I'm damn sure
upstream wouldn't want to know) a patch that creates a
Markus Kolb wrote:
Laurent Luyckx <[EMAIL PROTECTED]> wrote on 01/02/2002 (16:30) :
In exim.conf, put hosts_accept_relay with a list of authorized IP.
ex:
hosts_accept_relay = localhost:192.168.0.0/24
^^^
why this IP?
On Sun, Feb 10, 2002 at 02:47:11AM +, Lazarus Long wrote:
> As I have said in the past, this is definitely a security risk.
> There is no reason that such information should be exposed to attackers.
We may as well take down the debian.org web pages, since they expose a
wealth of information t
Lazarus Long <[EMAIL PROTECTED]> writes:
> As I have said in the past, this is definitely a security risk.
No, it isn't. The fact that the SSH protocol encourages implementors
to exhibit version numbers has helped us greatly while recovering from
the catastrophic buffer overflow bug.
> Of cour
Markus Kolb wrote:
>>Laurent Luyckx <[EMAIL PROTECTED]> wrote on 01/02/2002 (16:30) :
>>
>>>In exim.conf, put hosts_accept_relay with a list of authorized IP.
>>>ex:
>>>
>>>hosts_accept_relay = localhost:192.168.0.0/24
>>>
>> ^^^
>>
On 10/02/02, Lazarus Long wrote:
> On Sat, Jan 26, 2002 at 12:25:08PM +, Matthew Vernon wrote:
> > Lazarus Long writes:
> > > Introduces security hole by divulging too much information to an
> > > attacker about the underlying system.
> > The rationale behind this, is that there are man
Am Son, 2002-02-10 um 04.50 schrieb Magus Ba'al:
> I'm not entirely positive, but I'm pretty sure you need to add the 2nd
> connection under tap1, as only one connection can be on tap0 at a time
> (in the server vtund.conf).
>
> You can also search thru the vtun archives, or do a search on google
On 10/02/02, Lazarus Long wrote:
> On Sat, Jan 26, 2002 at 12:25:08PM +, Matthew Vernon wrote:
> > Lazarus Long writes:
> > > Introduces security hole by divulging too much information to an
> > > attacker about the underlying system.
> > The rationale behind this, is that there are ma
Am Son, 2002-02-10 um 04.50 schrieb Magus Ba'al:
> I'm not entirely positive, but I'm pretty sure you need to add the 2nd
> connection under tap1, as only one connection can be on tap0 at a time
> (in the server vtund.conf).
>
> You can also search thru the vtun archives, or do a search on google
25 matches
Mail list logo
