I said I only have access to port 80 and 443 out. But I really like the idea of port knocking for most of the services. Hmm, I wonder if I could set up URL knocking? I will have see if I can find a way of doing that to protect this app from access. On Fri, Aug 7, 2009 at 5:35 PM, Matt Nesteruk wrote: > I know you said you only want 443 open, but have you considered a port > knocker to only open up ssh when you need it? > -M > > > On Fri, Aug 7, 2009 at 9:44 AM, Shawn Badger wrote: > >> As for the security on this, it is my intentions to first prevent browsing >> to the page. You will have to know the URL and then you get a password to >> connect to the page. Then this will be baked by iptalbes limiting who has >> access to get to that URL in the first place. I know this isn't 100% >> effective, but it should keep the kiddies at bay. >> >> BTW, this isn't going to be a public addressable site either. I would not >> put something like this out and make it public accessible, that is just >> asking for being hacked. >> >> >> >> >> On Thu, Aug 6, 2009 at 4:54 PM, Lisa Kachold wrote: >> >>> I can offer my services to help you clean out the vermin later! >>> >>> If they can't protect OpenSSL based SSH, even with a layer of >>> IPTABLES, how are you going to protect a system suid process? >>> >>> Laugh . >>> >>> On 8/6/09, Stephen wrote: >>> > also there is a wikepedia article if you google web ssh or jsut browse >>> > them, they appeared to have a few options. >>> > >>> > On Thu, Aug 6, 2009 at 4:31 PM, Shawn Badger >>> wrote: >>> >> That is more like what I ma looking for. >>> >> >>> >> >>> >> On Thu, Aug 6, 2009 at 4:19 PM, David Huerta >>> wrote: >>> >>> >>> >>> On Thu, Aug 6, 2009 at 4:04 PM, Shawn Badger >>> >>> wrote: >>> >>> > Does any on the list know of a good web based ssh client? >>> >>> > I would prefer it to run on my own system as opposed to going >>> though >>> >>> > one >>> >>> > that I don't have control over. >>> >>> > It would also be nice if it was able to pass x-windows as well all >>> >>> > though >>> >>> > that isn't a requirement. >>> >>> > >>> >>> >>> >>> This won't do X11 forwarding, but for general command line usage, >>> this >>> >>> AJAX web app seems to work: http://anyterm.org/ >>> >>> >>> >>> -- >>> >>> [.dh] >>> >>> --------------------------------------------------- >>> >>> PLUG-discuss mailing list - PLUG-discuss@lists.plug.phoenix.az.us >>> >>> To subscribe, unsubscribe, or to change your mail settings: >>> >>> http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss >>> >> >>> >> >>> >> --------------------------------------------------- >>> >> PLUG-discuss mailing list - PLUG-discuss@lists.plug.phoenix.az.us >>> >> To subscribe, unsubscribe, or to change your mail settings: >>> >> http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss >>> >> >>> > >>> > >>> > >>> > -- >>> > A mouse trap, placed on top of your alarm clock, will prevent you from >>> > rolling over and going back to sleep after you hit the snooze button. >>> > >>> > Stephen >>> > --------------------------------------------------- >>> > PLUG-discuss mailing list - PLUG-discuss@lists.plug.phoenix.az.us >>> > To subscribe, unsubscribe, or to change your mail settings: >>> > http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss >>> > >>> >>> >>> -- >>> http://linuxgazette.net/165/kachold.html >>> (623)239-3392 >>> (503)754-4452 www.obnosis.com >>> --------------------------------------------------- >>> PLUG-discuss mailing list - PLUG-discuss@lists.plug.phoenix.az.us >>> To subscribe, unsubscribe, or to change your mail settings: >>> http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss >>> >> >> >> --------------------------------------------------- >> PLUG-discuss mailing list - PLUG-discuss@lists.plug.phoenix.az.us >> To subscribe, unsubscribe, or to change your mail settings: >> http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss >> > > > --------------------------------------------------- > PLUG-discuss mailing list - PLUG-discuss@lists.plug.phoenix.az.us > To subscribe, unsubscribe, or to change your mail settings: > http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss >