KevinO wrote:
 > Two services should be run on a firewall. syslog and
 > optionally, ssh open to an internal box only.

How much of an exposure would it be to run ssh
or a web server *occasionally* from that box to
the outside world?  Would there be some devious
way to do this?  Maybe a port-knocking app that
would allow the service to open only after a
specific "code" has been received?

The actual server would only run when I "knocked",
so it would not be responding to routine
probing.  Is this hopelessly naive?


---------------------------------------------------
PLUG-discuss mailing list - PLUG-discuss@lists.plug.phoenix.az.us
To subscribe, unsubscribe, or to change  you mail settings:
http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss