Date: Thu, 13 Aug 2020 16:10:14 -0400 From: Aryeh Friedman <aryeh.friedman@gmail.com> To: "Steve O'Hara-Smith" <steve@sohara.org> Cc: FreeBSD Mailing List <freebsd-questions@freebsd.org> Subject: Re: OT: Dealing with a hosting company with it's head up it's rear end Message-ID: <CAGBxaXk%2BW%2B%2BrmbTjKPbCECM32fBtopCZbS7sibF5Mn56soBKug@mail.gmail.com> In-Reply-To: <20200813203039.30400835439935d1e916d0e1@sohara.org> References: <CAGBxaXmg0DGSEYtWBZcbmQbqc2vZFtpHrmW68txBck0nKJak=w@mail.gmail.com> <20200813203039.30400835439935d1e916d0e1@sohara.org>
next in thread | previous in thread | raw e-mail | index | archive | help
On Thu, Aug 13, 2020 at 3:30 PM Steve O'Hara-Smith <steve@sohara.org> wrote: > On Thu, 13 Aug 2020 14:56:43 -0400 > Aryeh Friedman <aryeh.friedman@gmail.com> wrote: > > > The hosting company for one of our clients sent the following reply to > > us/them when we asked them to setup end user accounts on a dedicated > > Windows Server, FreeBSD box and CentOS box (all VM's on the same physical > > machine with no other VM's on the physical machine) and being told we > > needed scriptable access (not web based non-scriptable) to the windows > > desktop and shell accounts (including the ability to sudo) and they > agreed > > to provide it: > > Can you ssh *out* from one of the unix boxes ? If so you can tunnel > the rest through the ssh connection. > The block ALL outgoing ports except 25 even between the VM's on the same host. This even if you are using their manaditory VPN access to get to the web portal in the first place (i.e. they even block 10.XXX.XXX.0/24 !?!??!). -- Aryeh M. Friedman, Lead Developer, http://www.PetiteCloud.org
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?CAGBxaXk%2BW%2B%2BrmbTjKPbCECM32fBtopCZbS7sibF5Mn56soBKug>