So I would set up openvpn on my remote server and connect to it from:
here's a few ideas about the subject, some options to think about.
1. my local print server for printing
Look into routed vpn networks. If I were in your case I would probably
set up a VPN server on (one of) my
On Mon, 11 Feb 2008 06:23:23 -0800
Grant [EMAIL PROTECTED] wrote:
I cringe at the idea of having to use a VPN for imap, however.
Why? Would you say the same of using it for SMTP?
I read email rather compulsively I guess, and would hate to be bothered
with VPNs, then use an encrypted mail
On Sunday 3 February 2008, Grant wrote:
OK, port knocking is going back on the todo list.
Note that I'm not claiming that portknocking is the solution to every
security problem. Only that it has its uses in certain scenarios.
A drawback of portknocking is that it requires modified clients
Well thank you for that. I had planned on setting up port knocking
for ssh and cups but I guess I'm just as well off leaving them
listening on 22 and 631?
Fail2Ban, though a little intensive, seems to be a decent method for
avoiding unwanted SSH traffic while accepting trusted traffic.
On Sat, 2 Feb 2008 10:27:24 -0800
Grant [EMAIL PROTECTED] wrote:
Well thank you for that. I had planned on setting up port knocking
for ssh and cups but I guess I'm just as well off leaving them
listening on 22 and 631?
Fail2Ban, though a little intensive, seems to be a decent method for
On Sun, 3 Feb 2008 07:27:12 -0800
Grant [EMAIL PROTECTED] wrote:
Well thank you for that. I had planned on setting up port
knocking for ssh and cups but I guess I'm just as well off
leaving them listening on 22 and 631?
Fail2Ban, though a little intensive, seems to be a decent
Grant wrote:
I don't know about large setups, where it might be very possible that
port knocking becomes a major PITA as you say. But I have setup and used
port knocking for remote ssh access lots of time in the past, and never
had a problem. This is just my little experience, of course.
OK,
Well thank you for that. I had planned on setting up port
knocking for ssh and cups but I guess I'm just as well off
leaving them listening on 22 and 631?
Fail2Ban, though a little intensive, seems to be a decent method for
avoiding unwanted SSH traffic while accepting
That's more or less what I'm trying to do. Is setting up a VPN
between my remote server and local network overkill? I think the only
thing I'd use it for is to hide the sending of these printouts.
I would speculate that a VPN for one service might be overkill, if that
service is easy to
On Sun, 03 Feb 2008 08:06:47 -0800
kashani [EMAIL PROTECTED] wrote:
Grant wrote:
I don't know about large setups, where it might be very possible
that port knocking becomes a major PITA as you say. But I have
setup and used port knocking for remote ssh access lots of time in
the past,
On 2008-02-03, Dan Farrell [EMAIL PROTECTED] wrote:
So you're saying ssh running on an unusual port is good
enough?
For some value of good enough, yes.
I'm no expert, but from my logs: SSH attempts (from bots in
Shanghai and the like) on port 22 number in the thousands,
unexpected SSH
On 2008-02-03, Grant [EMAIL PROTECTED] wrote:
I can imagine situations where you'd want to print invoices
and the like at front offices or even remote storefronts and
locations, but wouldn't you want a VPN up between your remote
offices anyway?
That's more or less what I'm trying to do. Is
I can imagine situations where you'd want to print invoices
and the like at front offices or even remote storefronts and
locations, but wouldn't you want a VPN up between your remote
offices anyway?
That's more or less what I'm trying to do. Is setting up a
VPN between my remote
On Sun, 3 Feb 2008 12:25:25 -0800
Grant [EMAIL PROTECTED] wrote:
So I would set up openvpn on my remote server and connect to it from:
here's a few ideas about the subject, some options to think about.
1. my local print server for printing
Look into routed vpn networks. If I were in your
Grant emailgrant at gmail.com writes:
If someone then argues about source IP spoofing, just let him. If
someone in your organisation is able to do it, make him your network
admin.
You're right, access to the printer can be given only to certain
hosts. So simply using 'lpr file.pdf' on
On Saturday 02 February 2008, James wrote:
Grant emailgrant at gmail.com writes:
If someone then argues about source IP spoofing, just let him. If
someone in your organisation is able to do it, make him your
network admin.
You're right, access to the printer can be given only to
If someone then argues about source IP spoofing, just let him. If
someone in your organisation is able to do it, make him your
network admin.
You're right, access to the printer can be given only to certain
hosts. So simply using 'lpr file.pdf' on the remote machine
On Saturday 2 February 2008, Alan McKinnon wrote:
port-knocking is the biggest load of fud (Microsoft products apart) I
have heard about in ages. The term snake-oil comes to mind, as
does security by obscurity and obfuscation which we all know is no
security at all.
Uhm. Security by
port-knocking is the biggest load of fud (Microsoft products apart) I
have heard about in ages. The term snake-oil comes to mind, as
does security by obscurity and obfuscation which we all know is no
security at all.
Uhm. Security by obscurity is not good because it hides something *that
On Saturday 02 February 2008 08:42:25 pm Grant wrote:
port-knocking is the biggest load of fud (Microsoft products apart) I
have heard about in ages. The term snake-oil comes to mind, as
does security by obscurity and obfuscation which we all know is no
security at all.
Uhm.
20 matches
Mail list logo
