Allowing any port (SSH included) go through the firewall\gateway to the internal network is quite a back door , SSH is not immuned , and as we seen not so long ago had a its share of security holes, I would suggenst , if you need remote control over a computer , stick a modem in it....
_|_ |__ ___ __ __ |_, | ) (__/_ (__) (__| __/ On Fri, 19 Apr 2002 [EMAIL PROTECTED] wrote: > > Actually allowing VNC from the internet is VERY INSECURE. I suggest you > open port 22 (ssh) and tunel vnc throuhg this tunnel. I have a script for > this if you'd like. > > -------------- > Brian Carpio > CSG Systems Inc. > Open Systems Unix System Admin > > x3317 > -------------- > > On Fri, 19 Apr 2002, CHRIS GRABENSTEIN wrote: > > > You'll have to map a port from your machine with public IP to the private > > one. I believe VNC uses 5800 and 5900 by default. You then connect your > > vncviewer to the public IP. How you go about doing that depends on your OS > > and personal preferences. > > > > You might want to consider using a port other than the default to avoid basic > > port scanners scanning subnets for servers. It involves changing two > > registry keys, but it's pretty straight forward. There are also several > > third-party tools that will let you run vnc through an encrypted tunnel for > > added security. > > > > |-----Original Message----- > > |From: snaqi [mailto:[EMAIL PROTECTED]] > > |Sent: Thursday, April 18, 2002 6:23 AM > > |To: [EMAIL PROTECTED] > > |Subject: IP AND NAT > > | > > | > > |My first question is, is this possible, I have only one public > > |IP address, and I am using nat to hide my internal network, > > |and I want to connect to a machine with vnc on that with > > |private ip And then run my web server and ftp server inside > > |that network. So my question is how can I connect to vnc host > > |from outside world to the machine having private ip behind my nat. > > | > > |Thanks for help in advance > > | > > |Naqi > > | > > | > > >