Yeah, I know what you are saying....

Got your tinfoil hat so the government doesn't read your brain waves?:D

You got it, man.

(clik the pic)

in all fairness I see where you are coming from. I use DDWRT firmware on my router which allows for me to ssh into it from anywhere via internet. I create ssh tunnels then run things like MS remote desktop and VNC type things because out of the box encryption is sometimes really just a deterrent and not an actual security solution. However, I do not know enough about hacking/cracking to really justify my statement. I do know the basics of network security and I do know what measures one should take to keep themselves protected, but at the same time I think some people tend to get paranoid on that subject.

Nice pic btw.

I've been a systems analyst for 27 years, and the highest security I've found is setting up these reverse-SSH tunnels. My remote Debian server runs services like DNS, web object caching, apache, etc, and all those services are only listening to the internal 127.0.0.1 IP, on their respective ports. The server is also running the SSH daemon, which is the only thing listening to the outside.

From my local machine I set up a reverse tunnel for each service on the remote host, all passing through SSH. This brings those remote ports to my localhost on ports 2280, 2253, etc. I set the first two digits to 22, to remind me they are tunneled through SSH. So to access the remote DNS for example, I set DNS for my local network card to 127.0.0.1:2253; so on each DNS request the machine reaches into its own bellybutton and tunnels out to the remote machine where that remote DNS server executes the request.

I have a thread here where I set up my new MBP client. Forgot how I set up the server, but do a web search on ssh, sleeper, tunnel to find the HowTo.


Most Americans are oblivious to what's going on now. Did you know that habeus corpus has now been rescinded by the Military Commissions Act? No more due process even for citizens, believe it or not. Warrantless wiretapping (& internet tapping) has been a reality for three years, on all communications users, regardless of nationality.

And now they have passed a new law which strips all pretense of American privacy in our financial transactions, medical care, legal and medical privileged communications and much more. The U.S. Constitution has been shredded. Why do they hate America?

Just because you don't feel it yet tlarkin, doesn't mean it's not there.

well thanks for the info. I have been IT networking/technician/consultant for about 8 years now. I know that in very large networks security can be a very hard thing to lock down because sometimes it is turned off or changed in a way to make things work better on a larger scale. But having a private network behind firewalls, NAT, and good routers we seem to keep our network pretty safe from outside attacks. There are definitely flaws though, and I know that some of them may never be fixed.