(Off-topic) Software Information: "AutoCad for linux"
Peter Garrett
peter.garrett at optusnet.com.au
Tue Jan 9 22:54:12 UTC 2007
On Tue, 09 Jan 2007 08:26:25 -0800
Matthew Kuiken <matt.kuiken at verizon.net> wrote:
> I don't know if connections like those you are talking about are
> accessible from outside the computer it is running, but if they are, it
> would be much better to have them properly secured.
Agreed. I normally use iptables and key pairs to restrict access - there
are also options in /etc/ssh/sshd_config , for instance
AllowUsers nx peter someone at trustedhost
In order to access the guest OS, though, an attacker would first have to
access the machine, which in my case is behind a nat router and protected
by iptables . In fact currently the machine is only accessible from one
Internet IP and for a restricted number of users.
Peter
More information about the ubuntu-users
mailing list