One word - vpn. :) -mb On Sat, 2009-08-08 at 17:31 -0700, Shawn Badger wrote: > I said I only have access to port 80 and 443 out. But I really like > the idea of port knocking for most of the services. > > Hmm, I wonder if I could set up URL knocking? I will have see if I can > find a way of doing that to protect this app from access. > > > On Fri, Aug 7, 2009 at 5:35 PM, Matt Nesteruk > wrote: > I know you said you only want 443 open, but have you > considered a port knocker to only open up ssh when you need > it? > > > -M > > > > On Fri, Aug 7, 2009 at 9:44 AM, Shawn Badger > wrote: > As for the security on this, it is my intentions to > first prevent browsing to the page. You will have to > know the URL and then you get a password to connect to > the page. Then this will be baked by iptalbes limiting > who has access to get to that URL in the first place. > I know this isn't 100% effective, but it should keep > the kiddies at bay. > > BTW, this isn't going to be a public addressable site > either. I would not put something like this out and > make it public accessible, that is just asking for > being hacked. > > > > > > On Thu, Aug 6, 2009 at 4:54 PM, Lisa Kachold > wrote: > I can offer my services to help you clean out > the vermin later! > > If they can't protect OpenSSL based SSH, even > with a layer of > IPTABLES, how are you going to protect a > system suid process? > > Laugh . > > > On 8/6/09, Stephen > wrote: > > also there is a wikepedia article if you > google web ssh or jsut browse > > them, they appeared to have a few options. > > > > On Thu, Aug 6, 2009 at 4:31 PM, Shawn > Badger wrote: > >> That is more like what I ma looking for. > >> > >> > >> On Thu, Aug 6, 2009 at 4:19 PM, David > Huerta wrote: > >>> > >>> On Thu, Aug 6, 2009 at 4:04 PM, Shawn > Badger > >>> wrote: > >>> > Does any on the list know of a good web > based ssh client? > >>> > I would prefer it to run on my own > system as opposed to going though > >>> > one > >>> > that I don't have control over. > >>> > It would also be nice if it was able to > pass x-windows as well all > >>> > though > >>> > that isn't a requirement. > >>> > > >>> > >>> This won't do X11 forwarding, but for > general command line usage, this > >>> AJAX web app seems to work: > http://anyterm.org/ > >>> > >>> -- > >>> [.dh] > >>> > --------------------------------------------------- > >>> PLUG-discuss mailing list - > PLUG-discuss@lists.plug.phoenix.az.us > >>> To subscribe, unsubscribe, or to change > your mail settings: > >>> > http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss > >> > >> > >> > --------------------------------------------------- > >> PLUG-discuss mailing list - > PLUG-discuss@lists.plug.phoenix.az.us > >> To subscribe, unsubscribe, or to change > your mail settings: > >> > http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss > >> > > > > > > > > -- > > A mouse trap, placed on top of your alarm > clock, will prevent you from > > rolling over and going back to sleep after > you hit the snooze button. > > > > Stephen > > > --------------------------------------------------- > > PLUG-discuss mailing list - > PLUG-discuss@lists.plug.phoenix.az.us > > To subscribe, unsubscribe, or to change your > mail settings: > > > http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss > > > > > > -- > http://linuxgazette.net/165/kachold.html > (623)239-3392 > (503)754-4452 www.obnosis.com > > --------------------------------------------------- > PLUG-discuss mailing list - > PLUG-discuss@lists.plug.phoenix.az.us > To subscribe, unsubscribe, or to change your > mail settings: > http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss > > > > > --------------------------------------------------- > PLUG-discuss mailing list - > PLUG-discuss@lists.plug.phoenix.az.us > To subscribe, unsubscribe, or to change your mail > settings: > http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss > > > > --------------------------------------------------- > PLUG-discuss mailing list - > PLUG-discuss@lists.plug.phoenix.az.us > To subscribe, unsubscribe, or to change your mail settings: > http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss > > --------------------------------------------------- > PLUG-discuss mailing list - PLUG-discuss@lists.plug.phoenix.az.us > To subscribe, unsubscribe, or to change your mail settings: > http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss --------------------------------------------------- PLUG-discuss mailing list - PLUG-discuss@lists.plug.phoenix.az.us To subscribe, unsubscribe, or to change your mail settings: http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss