[Gloucs] SSH forwarding without a shell

[Pete Wright]

> > Hmmmm and Hmmmm again. Just had another thought. The person connecting> > in has a fixed IP so I could set the Internet facing router to forward> > TCP packets on port 5901 from the fixed IP (and only that IP) to the> > Windows box. No SSH required. Question is, is that secure enough. The> > modem/router is pretty cheap (Zoom X5) so I doubt it set any records for> > security. Also, as described can it be easily fooled. One for all you> > security dudes.
If you plan to use a filtering rule to only allow the specific IP and Port access through your firewall then it means the only way someone can hack into the vnc would be from an ip address that matches the rule. im not too sure if IP spoofing could be used to gian access but thats a different security matter.
_________________________________________________________________
The next generation of MSN Hotmail has arrived - Windows Live Hotmail
http://www.newhotmail.co.uk