Mike Fedyk <[EMAIL PROTECTED]> writes: > Until you know how to use these tools, you shouldn't even try to do this: > > lsof > netstat > tcpdump
Sure. > nfs protocol and security considerations. NFS is insecure. My assumption is that by NFS-mounting, at work, stuff which lives on my home machine, it is only my *home* machine which becomes vulnerable, not my work machine. Please let me know if you disagree with this assumption. > You are holding open a big guarage door that's screaming "HACK ME! I WANT TO > GIVE > ALL OF MY FILES AWAY, AND HAVE YOU DELETE THEM AFTERWARDS!" > > You realize that nfs is worse than using telnet(over the internet), right? > > > > Remember with nfs: > > > > > > Anyone can act as any of your users! I would setup a IPsec tunnel for > > > this > > > myself if I did this at all. Yeah well the only thing worth fearing is fear itself, etc. My home machine is backed up regularly, if somebody *really* wants to delete all my files, they have my blessing. On the other hand, I have a responsibility to protect my work network (or at least not open gaping holes in it). > > What's an IPsec tunnel and how do I set one up? > > > > www.freeswan.org > > You need to know how to compile your own kernel, use tcpdump, and debug > network issues. You can get help from the freeswan guys, but you should > pick up a networking book and read it NOW. > > Post more about what you really want to achieve, and maybe we can help you > pick another solution that is more secure. I'm at work, I would like to mount home_machine:/var/mp3, so I can listen to my mp3's. Not a lofty goal, but would be nice pull off at least as proof of principle. If I can do it without compromising the security of my home machine, great; if not, that's fine too. If I can't do it without compromising the security of my work network, that's a showstopper. -chris
