Skip site navigation (1)Skip section navigation (2) 
Date:      Sun, 21 Dec 1997 23:29:48 -0800 (PST)
From:      Kwoody <kwoody@citytel.net>
To:        Leif Neland <leifn@image.dk>
Cc:        freebsd-questions@freebsd.org
Subject:   Re: how am I exposing my machines?
Message-ID:  <Pine.BSF.3.91.971220131149.220A-100000@mybsd.net>
In-Reply-To: <6ca_9712201833@swimsuit.swimsuit.roskildebc.dk>
next in thread | previous in thread | raw e-mail | index | archive | help 

On 20 Dec 1997, Leif Neland wrote:

> One fbsdbox provides ppp-connection to my ISP with ppp -auto -alias for a 
couple of machines on my lan.
> If somebody tries to access the dynamic IP I have while the link is up, 
what can they see? telnet? ftp? http? On only the box with the modem?
> 
> ppp is setup "out of the box".
> 
> The fbsdbox with the modem is setup as "IP-gateway=yes". No ipfw.

I have ppp doing the same thing for my stuff here. There have been times 
while at work I have dialed into my bsd machine and make ppp dial out to my 
ISP. I then hangup and dialup shell account on my ISP, do a who and see what 
IP my bsd box is on then telnet into it. I can also ftp, http(though not 
enabled in inetd), finger and a whack of other stuff that I have enabled 
in my /etc/inetd.conf

Check your inetd.conf and see what services are enabled. If your Fbsd 
machine is out of the box then I think that most services are enabled.

So they will be able to get to your gateway machine via your dynamically 
assinged IP, but again it depends on what services you have enabled in 
inetd.conf, but anything beyond your Freebsd machine  I think  
would be safe. (ie windows boxes) 

Though I have a sun box that I can telnet to in my basement from my bsd 
machine so that wouldnt be very safe in the event of someone telneting to 
my bsd box via a dynamically assinged IP.

Also once into your FreeBSD machine while your ppp connnection is up they 
can telnet/ftp whatever *out* to the internet using your FreeBSD machine.

Hope that helped. Though if I'm wrong someone will point out my errors 
I'm sure! :)

Keith.

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.BSF.3.91.971220131149.220A-100000>