Using Term to Pierce an Internet Firewall: Security

Rate this post

prev-3413921 next-6939526 toc-1781169

This is not much more of a vulnerability than the current possibility of having a telnet connection hijacked on an unsecured outside machine. The primary additional risk comes from people being able to use the term socket you set up without you even being aware of it. So be careful out there. (Personally, I do this with an outside machine I know to be pretty secure, namely a linux laptop I maintain myself that does not accept any incoming connections.)

Another possibility is to add « socket off » to the remote ~/.term/termrc.telnet, or add "-u off" to invocation of term. This prevents the socket from being hijacked from the remote end, with only a minor loss of functionality.

prev-3413921 next-6939526 toc-1781169

Lire aussi...  On-The-Fly Disk Compression Issue 18