Allowing any port (SSH included) go through the firewall\gateway to the
internal network is quite a back door , SSH is not immuned , and as we
seen not so long ago had a its share of security holes, I would suggenst ,
if you need remote control over a computer , stick a modem in it....
_|_ |__ ___ __ __
|_, | ) (__/_ (__) (__|
__/
On Fri, 19 Apr 2002 [EMAIL PROTECTED] wrote:
>
> Actually allowing VNC from the internet is VERY INSECURE. I suggest you
> open port 22 (ssh) and tunel vnc throuhg this tunnel. I have a script for
> this if you'd like.
>
> --------------
> Brian Carpio
> CSG Systems Inc.
> Open Systems Unix System Admin
>
> x3317
> --------------
>
> On Fri, 19 Apr 2002, CHRIS GRABENSTEIN wrote:
>
> > You'll have to map a port from your machine with public IP to the private
> > one. I believe VNC uses 5800 and 5900 by default. You then connect your
> > vncviewer to the public IP. How you go about doing that depends on your OS
> > and personal preferences.
> >
> > You might want to consider using a port other than the default to avoid basic
> > port scanners scanning subnets for servers. It involves changing two
> > registry keys, but it's pretty straight forward. There are also several
> > third-party tools that will let you run vnc through an encrypted tunnel for
> > added security.
> >
> > |-----Original Message-----
> > |From: snaqi [mailto:[EMAIL PROTECTED]]
> > |Sent: Thursday, April 18, 2002 6:23 AM
> > |To: [EMAIL PROTECTED]
> > |Subject: IP AND NAT
> > |
> > |
> > |My first question is, is this possible, I have only one public
> > |IP address, and I am using nat to hide my internal network,
> > |and I want to connect to a machine with vnc on that with
> > |private ip And then run my web server and ftp server inside
> > |that network. So my question is how can I connect to vnc host
> > |from outside world to the machine having private ip behind my nat.
> > |
> > |Thanks for help in advance
> > |
> > |Naqi
> > |
> > |
> >
>
