Richard Freeman on 30 Dec 2009 07:15:25 -0800



Re: [PLUG] nmap and port forwarding questions


On 12/30/2009 10:04 AM, Casey Bralla wrote:
>
> "Filtered" means just what you would think it would mean.  They are blocking
> access to port 5432, so this is undoubtedly why you can't connect.
>
> Just because you have not activated a firewall on your server does not mean
> that some other firewall is active between you and that server.  I would
> discuss this with your server provider and ask for the firewall to be opened
> up for this port.  (I caution that this may be a security problem, however.)
>

You could probably do a traceroute on that port and find out about any 
firewalls in-between.  That assumes that the external firewall doesn't 
interfere with it.

I do agree with the security issues - they would probably be better off 
setting you up with VPN access or an ssh tunnel or something rather than 
forwarding the port through the external firewall.  Otherwise, anybody 
who can spoof your IP can get through, or if your external IP is shared 
by many people they provide a lot more people with access than is 
necessary.  I don't really think that it is good practice to expose 
database servers to anything external.  You want external port openings 
to be minimal, and you want anything on those rules to be meticulously 
kept up to date and audited.
___________________________________________________________________________
Philadelphia Linux Users Group         --        http://www.phillylinux.org
Announcements - http://lists.phillylinux.org/mailman/listinfo/plug-announce
General Discussion  --   http://lists.phillylinux.org/mailman/listinfo/plug
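
The thread's distinction between a port that is filtered and one that is simply not listening, and the ssh-tunnel alternative, as an added example that is not part of the original posts. It uses a full TCP connect rather than nmap's own scan, and the host name, the `ssh -L` forwarding line and the `diagnose` helper are assumptions made for illustration.

```python
import errno
import socket
import sys


def classify_port(host, port, timeout=3.0):
    """Classify one TCP port as 'open', 'closed' or 'filtered' via a full connect."""
    try:
        with socket.create_connection((host, port), timeout=timeout):
            return "open"        # handshake completed: something is listening
    except ConnectionRefusedError:
        return "closed"          # RST came back: host reachable, no listener
    except socket.timeout:
        return "filtered"        # silence: a packet filter dropped the SYN
    except OSError as exc:
        # ICMP unreachable replies from a firewall or router also count as filtered
        if exc.errno in (errno.EHOSTUNREACH, errno.ENETUNREACH):
            return "filtered"
        raise


def diagnose(direct_state, tunnel_state):
    """Hypothetical helper: turn the two probe results into a next step."""
    if tunnel_state == "open":
        return "use the tunnel; leave the external firewall closed"
    if direct_state == "filtered":
        return "a firewall in the path drops the port; ask for VPN or ssh access"
    if direct_state == "closed":
        return "host reachable but nothing listens on that address"
    return "port reachable directly; consider restricting it"


if __name__ == "__main__":
    # Placeholder host (assumption). With
    #   ssh -L 5432:localhost:5432 user@db.example.org
    # running, the tunnel's local end is 127.0.0.1:5432.
    host = sys.argv[1] if len(sys.argv) > 1 else "db.example.org"
    direct = classify_port(host, 5432)
    tunnel = classify_port("127.0.0.1", 5432)
    print(host, direct, "| tunnel", tunnel, "->", diagnose(direct, tunnel))
```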