Andrei Popescu wrote: > But how can I prevent a possible attacker to abuse this setup to access > my laptop?
What's the likelihood an attacker will even care that the system can access your laptop? What's the likelihood that an attacker will even get access to the other system? Your paranoia goes too far I believe. If it was me I would just configure the remote NAT device to port forward some port for SSH(not likely 22 because it's possible the upstream ISP would block it), enable ssh on the remote system, configure it for key based authentication only, and add a little wget script to the system that the user can click on which "pings" my web server so I can determine what their IP was at the moment. I suppose if you were really paranoid you could setup iptables rules on the remote system to reject inbound SSH connections unless they came from your static IPs, I wouldn't bother myself as long as the system they are on still gets security updates. Not a lot of effort, and I won't lose any sleep over the security of the system. nate -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
