A couple of quick points about OpenSSH, which I use a lot: first, make sure you have a release of 3.1 or later, this includes a privilege escalation bug that was recently found. OpenSSH in the current development builds is putting in a separated-privilege scheme which will make privilege exploitation far more difficult in the future.
And be sure you run only SSH2, not SSH1, which is known to have some weaknesses in its security as far as the protocol goes. The great thing about ssh is that you can tunnel anything with it - X11 connections, SMTP, POP3, whatever can flow over the pipe if you set it up for that. Ted On Mon, 2002-03-25 at 06:08, Joe Matuscak wrote: > On Sun, 24 Mar 2002, Brian Fort (Mushkin) wrote: > > > I need to look into a workarounds for what is hopefully only a temporary > > problem with the GNATBox Mobile VPN. My only options seem to be either to > > switch to another brand of firewall, or setup a VPN Server on my protected > > network. > > > > Does anyone have suggestions on VPN Server software or hardware that allows > > for mobile VPN clients (mobile = dynamic IP addresses)? > > I've been experimenting with SSH. Ive set up a inbound tunnel to a > internal Linux machine. With the (free) Putty client on Windows systems > (Ive tried 2k andXP) you can set up port tunnels over SSH. Ive run Windows > Terminal Server sessions, VNC and of course, shell logins over it. Seems > to work quite well so far. > > > Joe Matuscak > Rohrer Corporation > 717 Seville Road > Wadsworth, Ohio 44281 > (330)335-1541 > [EMAIL PROTECTED] > > > > --------------------------------------------------------------------- > To unsubscribe, e-mail: [EMAIL PROTECTED] > To subscribe to the digest version first unsubscribe, then > e-mail: [EMAIL PROTECTED] > For additional commands, e-mail: [EMAIL PROTECTED] > --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] To subscribe to the digest version first unsubscribe, then e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
