On Tue,09.Sep.08, 13:50:05, François Cerbelle wrote:
[...]
> Now, you have to protect the admin box from an attack initiated from the
> NATted box (mother's). Because this box is unsure. So, you set iptables
> rules on the admin box to filter every byte which comes from the NATted
> box.

Yes, this is my problem.

> Then, you can still go on internet with your normal connection, but you can
> not use it to connect directly to the NATted box, as it is natted and it
> does not have a public IP. But you can connect to it using the VPN because
> you are both on the same private network. And your box is protected from
> malware installed on the NATted box.

What is protecting me from the malware, because I still have to open the firewall for the VPN? Or do you mean I can firewall the traffic going through the VPN? This is interesting, but it adds additional complexity to the setup.

I've set up a reverse ssh tunnel using a (very) restricted key. Hope it's enough.

Regards,
Andrei
--
If you can't explain it simply, you don't understand it well enough.
(Albert Einstein)