No, I mean make iptables accept all incoming local traffic and also allow all outgoing local traffic.
|
Quote:
Code:
# INPUT satimis |
Well, theoretically everything can somewhat reduce security. But if you already have a malicious process on server where you ssh... Well, I would say that you have lost the server and need to reinstall it anyway. There is a significant risk that they have already cracked root. Then ssh can be already compromised. Well, yes,chance to access your X server through forwarding can give enemy an advantage when trying to take over your desktop (and -X is better than -Y from that point of view), but you still don't have options better than 'ssh -X' (Though it is interesting if VNC is better).
|
Quote:
Quote:
Code:
http://www.realvnc.com/ What will the difference in function between VNC and ssh? TIA satimis |
I used TightVNC. They recommend to tunnel it through SSH tunneling - to get encryption with no extra configuration. The benefit of VNC (compared to ssh) is that entire VNC session is just a window on your desktop, so sniffing your keyboard requires finding actual arbitrary-code-execution hole in TightVNC or a really obscure way to force vncviewer deivate from acceptable behavior.
|
All times are GMT -5. The time now is 01:11 AM. |