a little security
Rusty Carruth
plug-discuss@lists.PLUG.phoenix.az.us
Fri, 7 Sep 2001 10:24:41 -0700 (MST)
> > ssh tunnells to ports 137, 138, and 139 from my computer at work to the
> > server. From there I mount the volumes.
>
Oh, wait. the <server> on the internet WOULD have ports 137-9 open.
Yes, definatly set up ipchains or similar ASAP....
Or, use the ssh to forward to ANOTHER machine which has the ports, like this:
<internet>---<machine_with_no_samba>---<samba_server>
where <samba_server> has the open samba, and <machine_with_no_samba does NOT
forward anything.
ssh to <machine_with_no_samba> and port forward to <samba_server>
(yes, you can forward to ANOTHER machine in your ssh tunnel)
rc