{ "numMessagesInTopic": 4, "nextInTime": 499, "senderId": "w0tYVlx93wmNxw1csDvcvfWiXigJrnwseE-OLB5UXIUhJnfsHfZcoH1zSlXUYIzNKW_sEbWtnB1_OO0tUg4MYJ4reLYFigmm3kjH4IoEiDTI2vpmgSvY", "systemMessage": false, "subject": "RE: [magnia_sg20] Re: FTP and WWW services", "from": ""Sean Nazareth" <sean_nazareth@...>", "authorName": "Sean Nazareth", "msgSnippet": "I wish I knew enough to give you knowledgeable answer. In matters of security, I d rather not take ANY risks, so I wouldn t do it. Sean ... ", "msgId": 498, "profile": "sean_nazareth", "topicId": 492, "spamInfo": { "reason": "0", "isSpam": false }, "replyTo": "LIST", "userId": 130406891, "messageBody": "
> -----Original Message-----http://docs.yahoo.com/info/terms/
\n> From: projectblast [mailto:no_reply@yahoogroups.com]
\n> Sent: Monday, August 04, 2003 10:10 AM
\n> To: magnia_sg20@yahoogroups.com
\n> Subject: [magnia_sg20] Re: FTP and WWW services
\n>
\n> Sean,
\n>
\n> Thanks. Though it's over my head, at least I know there are options
\n> I can look in to. So I assume from your suggestion to use SSH, that
\n> leaving the anonymous FTP open is too high a security risk?
\n>
\n> Mark
\n>
\n> --- In magnia_sg20@yahoogroups.com, "Sean Nazareth"
\n> <sean_nazareth@t...> wrote:
\n> > While I cannot explain all the technical details, I believe that it
\n> > might be possible to set up a SSH tunnel between your work and your
\n> > home, and use that in lieu of the VPN. I know that my company has
\n> > similar firewall restrictions, and I've found that it should still
\n> be
\n> > possible to use this SSH method.
\n> >
\n> > While I'm familiar with the concepts, I've never actually set up
\n> such a
\n> > tunnel. But maybe you could check into this idea and see if it
\n> would
\n> > work for you.
\n> >
\n> > Basically, with SSH, you would have to configure the SERVER (Magnia
\n> in
\n> > your case) so that an incoming SSH connection from the WAN would be
\n> > accepted. SSH is similar in concept to telnet, except that the
\n> > connection can be encrypted, and the connection negotiation/password
\n> > exchange can be secure. You can pre-share a key between the source
\n> and
\n> > destination machines to ensure that the connection management is
\n> secure
\n> > (e.g. use a floppy to move a certificate/key between both machines).
\n> > Once the SSH tunnel is set up, many SSH PC clients allow you to
\n> redirect
\n> > ports on the local host (say at work) to be redirected to send their
\n> > output thru the SSH tunnel. Then the server (magnia) must be
\n> configured
\n> > to re-direct the data coming thru the SSH tunnel and send it to the
\n> > destination machine on your home network. The SSH server/client
\n> will do
\n> > the reverse for data coming from the home network to the work
\n> computer.
\n> > The one issue here is that a connection port mapping must be
\n> > pre-configured in the SSH server. For example, on your office
\n> computer,
\n> > you might map localhost(127.0.0.1):10000 to connect to your home
\n> > computer 192.168.1.10:20. In this case, the SSH client will know
\n> that
\n> > connection to localhost:10000 must be sent to the SSH tunnel, and
\n> the
\n> > SSH tunnel, when it sees data, will "re-send" the data on the home
\n> > network to 192.168.1.10 port 20.
\n> >
\n> > Hope this helps.
\n> >
\n> > Sean
\n> >
\n> > > -----Original Message-----
\n> > > From: projectblast [mailto:no_reply@yahoogroups.com]
\n> > > Sent: Saturday, August 02, 2003 8:20 AM
\n> > > To: magnia_sg20@yahoogroups.com
\n> > > Subject: [magnia_sg20] FTP and WWW services
\n> > >
\n> > > I have the Magnia SG20 v2.5 and was wondering if anyone has any
\n> > experince
\n> > > using
\n> > > the built in anonymous FTP server? What kind of security risk is
\n> this
\n> > to
\n> > > the machine?
\n> > > How easily can the machine be hacked with this service open?
\n> > >
\n> > > Same goes for the built in WWW service. Any opinions on it's
\n> > > vulnerability? I like to
\n> > > use the digital central at work to stream my music library. But
\n> again
\n> > I'm
\n> > > wondering
\n> > > how vulnerable the machine is with this port opened.
\n> > >
\n> > > I know VPN is the way to go over the above options,
\n> unfortunately, my
\n> > > corporate
\n> > > firewall policy is to deny VPN access from inside to the outside.
\n> > Leaving
\n> > > me to open
\n> > > the FTP and WWW ports.
\n> > >
\n> > > I closed the ports after a week or so for fear of inviting
\n> malicious
\n> > > behavior. Now I
\n> > > have no external access to my system from work.
\n> > >
\n> > >
\n> > >
\n> > >
\n> > > ------------------------ Yahoo! Groups Sponsor
\n> > >
\n> > > To unsubscribe from this group, send an email to:
\n> > > magnia_sg20-unsubscribe@yahoogroups.com
\n> > >
\n> > >
\n> > >
\n> > > Your use of Yahoo! Groups is subject to
\n> > http://docs.yahoo.com/info/terms/
\n> > >
\n> > >
\n>
\n>
\n>
\n> ------------------------ Yahoo! Groups Sponsor
\n>
\n> To unsubscribe from this group, send an email to:
\n> magnia_sg20-unsubscribe@yahoogroups.com
\n>
\n>
\n>
\n> Your use of Yahoo! Groups is subject to
\n
>
\n>