On Fri, Feb 16, 2001 at 12:19:49PM -0600, Robert Guthrie wrote: > My question is simple: will forwarding that one port... > 1. Work at all? sshd should respond to the incomming connection on a port > above 1023, right?
Yup. > 2. Open up my server to exploits of other services running on it (samba, nfs, > apache, etc...)? Since the packets are going to be allowed on to my private > network, will that expose me attacks that somehow ride in over the forwarded > sshd port? No -- unless there is some kind of weird TCP/IP stack vulnerability found in the OS OR there is a hole found in sshd you should be ok. I wouldn't want to bet my life that neither of those will happen though. :P My first choice would be to upgrade that firewall to a Pentium, in which case you would probably be OK without doing any port forwarding. (In fact you might be ok with the 486... I'd try that out first before taking other measures.) -- Jim B. [EMAIL PROTECTED]
