[ILUG] DMZ
Rory Browne
rbmlist at gmail.com
Wed Nov 24 17:52:22 GMT 2010
On 11/24/2010 03:26 PM, Brendan Halpin wrote:
> On Wed, Nov 24 2010, Ruairi Hickey wrote:
>
>> If you want A to be able to initiate a connection to B then you need to open
>> the firewall to allow this...
> I wouldn't even think of it...
>
>> An alternative would be to enable port-forwarding on 'A's sshd_config and run a
>> reverse tunnel over ssh.
> but that's exactly what I *was* thinking of.
>
> Thanks,
>
> Brendan
I'm a little confused here - knowing what line of businesses you're in (
You're an ISP in Mayo aren't you ), these are probably both your own
machines on your network. You're reluctant to configure an opening on
the firewall, but you're ok with creating a reverse-tunnel to circumvent
your own security, with the same effect? I would be concerned here about
creating the illusion of security, unless you're trying to get something
past a pointy-haired manager.
Rory
More information about the ILUG
mailing list