[ Date Index ] [ Thread Index ] [ <= Previous by date / thread ] [ Next by date / thread => ]
Just to follow up on this, i found out his static IP and setup two new firewall rules. One allows him explicitly access to the port i'm hosting tomcat on, the other denies the rest of the world. It would seem that when i do a port scan the rest of the world then sees it as a stealth'd port. Therefore i'm guessing this is as good as it gets without resorting to not opening the port at all, which is a little too secure to be functional :) Martin. On Thu, May 5, 2005 15:57, Martin White said:
Hi, Along similar lines to Aaron's last mail, i've just started working on some servlets. In order to do some kind of local setup prior to testing them on the remote box, i just installed tomcat into my apache setup and it seems to work just fine (well, so far anyhow). I would like to be able to open up some arbritray port number on my router and set it to use that port so that the project manager can get in to see what's being done, but, as per usual i'm concerned about the security of this. Is this safe enough to do, or should i not even think about it? I've no idea what ways there are, if any to exploit a tomcat server should it be found by someone out there. Perhaps i can find out if he has a static IP and only let HIM in to it, that would be better if my router can do that! Martin. -- The Mailing List for the Devon & Cornwall LUG Mail majordomo@xxxxxxxxxxxxx with "unsubscribe list" in the message body to unsubscribe. FAQ: www.dcglug.org.uk/linux_adm/list-faq.html
-- The Mailing List for the Devon & Cornwall LUG Mail majordomo@xxxxxxxxxxxxx with "unsubscribe list" in the message body to unsubscribe. FAQ: www.dcglug.org.uk/linux_adm/list-faq.html