Secure and Un-sercure ports

StackOverflow https://stackoverflow.com/questions/4386211

  •  10-10-2019
  •  | 
  •  

Pergunta

1) Adding a port to in-bound and out-bound exception list in firewall would make my machine vulnerable?
2) What are the ports I should never add to exception list?
3) I would like to add 3690 to exception list for my svn will that make my system vulnerable?

Foi útil?

Solução

It doesn't matter on which port you run service but mostly often as which user you run those service and what that user can do.

What you need is restricted chrooted user that runs your svn repository if you want to be really safe.

I guess you are trying to run svn repository, your easiest bet is to create your repository as some user and tunnel your connections through ssh with svn+ssh://svnuser@my.domain.com/home/myuser/REPOSITORY style links.

If you want more svn users to access your service make svn group and add them to svn group,

chmod -R g+w /home/myuser/REPOSITORY
chgrp -R svngroup /home/myuser/REPOSITORY

and you're done

Outras dicas

This may be to generic in your cases, but have you considered setting up a VPN? (It's really easy with openvpn, and allows you to use your services just the way you use them in your LAN).

Licenciado em: CC-BY-SA com atribuição
Não afiliado a StackOverflow
scroll top