What with the wealth of interest in smoothwall of late I thought I'd post a question about securing my box better.
I'm running a smoothwall server on my home network with three machines running into it and a cable modem on the other end.
After reinstalling XP last week I decided to test RDP as it seems like a cool thing to be able to set off important downloads ( BitTorrents ) from work.
My initial system has just to do port forwarding on the RDP port through the firewall and straight into my machine, which has a fixed IP on the internal network.
This works very nicely but has me in a bit of a panic about security - anyone port scanning the modem will see a happy and open RDP port that responds very nicely to probing.
What I would like to do is restrict access to this forwarded port to only communications that comes from my work machine. Or add another level of password protection to the whole scheme so that I can still access my desktop from other remote locations but it doesn't seem such a tempting target to a casual scan.
No doubt there are a number of fantastic sources for this kind of info, but I'm at work and can't really surf all morning (that's what the afternoon is for). Can anyone suggest sites, or does anyone have a solution?
Thanks guys,
Uberlad
I'm running a smoothwall server on my home network with three machines running into it and a cable modem on the other end.
After reinstalling XP last week I decided to test RDP as it seems like a cool thing to be able to set off important downloads ( BitTorrents ) from work.
My initial system has just to do port forwarding on the RDP port through the firewall and straight into my machine, which has a fixed IP on the internal network.
This works very nicely but has me in a bit of a panic about security - anyone port scanning the modem will see a happy and open RDP port that responds very nicely to probing.
What I would like to do is restrict access to this forwarded port to only communications that comes from my work machine. Or add another level of password protection to the whole scheme so that I can still access my desktop from other remote locations but it doesn't seem such a tempting target to a casual scan.
No doubt there are a number of fantastic sources for this kind of info, but I'm at work and can't really surf all morning (that's what the afternoon is for). Can anyone suggest sites, or does anyone have a solution?
Thanks guys,
Uberlad