I said I only have access to port 80 and 443 out. But I really like the idea
of port knocking for most of the services.
Hmm, I wonder if I could set up URL knocking? I will have see if I can find
a way of doing that to protect this app from access.
On Fri, Aug 7, 2009 at 5:35 PM, Matt Nesteruk <
matt.nesteruk@gmail.com>wrote:
> I know you said you only want 443 open, but have you considered a port
> knocker to only open up ssh when you need it?
> -M
>
>
> On Fri, Aug 7, 2009 at 9:44 AM, Shawn Badger <badger.shawn@gmail.com>wrote:
>
>> As for the security on this, it is my intentions to first prevent browsing
>> to the page. You will have to know the URL and then you get a password to
>> connect to the page. Then this will be baked by iptalbes limiting who has
>> access to get to that URL in the first place. I know this isn't 100%
>> effective, but it should keep the kiddies at bay.
>>
>> BTW, this isn't going to be a public addressable site either. I would not
>> put something like this out and make it public accessible, that is just
>> asking for being hacked.
>>
>>
>>
>>
>> On Thu, Aug 6, 2009 at 4:54 PM, Lisa Kachold <lisakachold@obnosis.com>wrote:
>>
>>> I can offer my services to help you clean out the vermin later!
>>>
>>> If they can't protect OpenSSL based SSH, even with a layer of
>>> IPTABLES, how are you going to protect a system suid process?
>>>
>>> Laugh <I agree with Ted here>.
>>>
>>> On 8/6/09, Stephen <cryptworks@gmail.com> wrote:
>>> > also there is a wikepedia article if you google web ssh or jsut browse
>>> > them, they appeared to have a few options.
>>> >
>>> > On Thu, Aug 6, 2009 at 4:31 PM, Shawn Badger<badger.shawn@gmail.com>
>>> wrote:
>>> >> That is more like what I ma looking for.
>>> >>
>>> >>
>>> >> On Thu, Aug 6, 2009 at 4:19 PM, David Huerta <huertanix@gmail.com>
>>> wrote:
>>> >>>
>>> >>> On Thu, Aug 6, 2009 at 4:04 PM, Shawn Badger<badger.shawn@gmail.com>
>>> >>> wrote:
>>> >>> > Does any on the list know of a good web based ssh client?
>>> >>> > I would prefer it to run on my own system as opposed to going
>>> though
>>> >>> > one
>>> >>> > that I don't have control over.
>>> >>> > It would also be nice if it was able to pass x-windows as well all
>>> >>> > though
>>> >>> > that isn't a requirement.
>>> >>> >
>>> >>>
>>> >>> This won't do X11 forwarding, but for general command line usage,
>>> this
>>> >>> AJAX web app seems to work: http://anyterm.org/
>>> >>>
>>> >>> --
>>> >>> [.dh]
>>> >>> ---------------------------------------------------
>>> >>> PLUG-discuss mailing list - PLUG-discuss@lists.plug.phoenix.az.us
>>> >>> To subscribe, unsubscribe, or to change your mail settings:
>>> >>> http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss
>>> >>
>>> >>
>>> >> ---------------------------------------------------
>>> >> PLUG-discuss mailing list - PLUG-discuss@lists.plug.phoenix.az.us
>>> >> To subscribe, unsubscribe, or to change your mail settings:
>>> >> http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss
>>> >>
>>> >
>>> >
>>> >
>>> > --
>>> > A mouse trap, placed on top of your alarm clock, will prevent you from
>>> > rolling over and going back to sleep after you hit the snooze button.
>>> >
>>> > Stephen
>>> > ---------------------------------------------------
>>> > PLUG-discuss mailing list - PLUG-discuss@lists.plug.phoenix.az.us
>>> > To subscribe, unsubscribe, or to change your mail settings:
>>> > http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss
>>> >
>>>
>>>
>>> --
>>> http://linuxgazette.net/165/kachold.html
>>> (623)239-3392
>>> (503)754-4452 www.obnosis.com
>>> ---------------------------------------------------
>>> PLUG-discuss mailing list - PLUG-discuss@lists.plug.phoenix.az.us
>>> To subscribe, unsubscribe, or to change your mail settings:
>>> http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss
>>>
>>
>>
>> ---------------------------------------------------
>> PLUG-discuss mailing list - PLUG-discuss@lists.plug.phoenix.az.us
>> To subscribe, unsubscribe, or to change your mail settings:
>> http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss
>>
>
>
> ---------------------------------------------------
> PLUG-discuss mailing list - PLUG-discuss@lists.plug.phoenix.az.us
> To subscribe, unsubscribe, or to change your mail settings:
> http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss
>
---------------------------------------------------
PLUG-discuss mailing list -
PLUG-discuss@lists.plug.phoenix.az.us
To subscribe, unsubscribe, or to change your mail settings:
http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss