6 Dec
2017
6 Dec
'17
7:26 a.m.
On Sun, Dec 03, 2017 at 09:32:35PM -0500, Pete Rittwage via cctech wrote:
[...]
You should never use one-to-one NAT like that. You should only forward the
ports you need from the firewall to your server. In this case, I assume
you only need tcp/23 for telnet from the outside?
Just in case: myself, I would rather ssh to firewall, and only from
there telnet to VAX. Unless all your computers behind firewall are
only for fun and you are ok to have any kind of stuff installed there
from anywhere in a world. Some could say to this that
VMS is hard to
get in because ... (fill in your preferred reaason) ... , and I
would
answer that one more fence does not hurt, whereas one less might.
--
Regards,
Tomasz Rola
--
** A C programmer asked whether computer had Buddha's nature. **
** As the answer, master did "rm -rif" on the programmer's home **
** directory. And then the C programmer became enlightened... **
** **
** Tomasz Rola mailto:tomasz_rola at bigfoot.com **