Closed. This question does not meet Stack Overflow guidelines. It is not currently accepting answers.
This question does not appear to be about a specific programming problem, a software algorithm, or software tools primarily used by programmers. If you believe the question would be on-topic on another Stack Exchange site, you can leave a comment to explain where the question may be able to be answered.
Closed 2 years ago.
Improve this question
I opened a PostgreSQL port by adding a line in /etc/postgresql/10/main/pg_hba.conf
host mydatabase myuser my_ip_adress/32 md5
and then opening the port like this:
sudo ufw allow 5432/tcp
Is this secure enough? Our should I also limit the IP adresses for port 5432 in ufw / iptables?
"Secure enough" depends a lot on your requirements.
I would say that that is good enough for normal purposes. An easy improvement would be to use scram-sha-256 instead of md5 (don't forget to change the password_encryption parameter and set a new password).
If your database contains the secret algorithm that the NSA uses to break TLS encryption, you might want to use a different authentication method like Kerberos that uses central identity management rather than database passwords.
Related
Closed. This question does not meet Stack Overflow guidelines. It is not currently accepting answers.
This question does not appear to be about a specific programming problem, a software algorithm, or software tools primarily used by programmers. If you believe the question would be on-topic on another Stack Exchange site, you can leave a comment to explain where the question may be able to be answered.
Closed 2 years ago.
Improve this question
I want to change the Kubernetes server endpoint port.
I am currently using port 6443 and would like to change it to port 7443.
Kubernetes is installed on-premises and is a single master node.
You can change the default secure port by passing the --secure-port flag when you start your k8s api server.
Checkout the next links for more:
https://kubernetes.io/docs/reference/access-authn-authz/controlling-access/#api-server-ports-and-ips
https://kubernetes.io/docs/reference/command-line-tools-reference/kube-apiserver/
Closed. This question does not meet Stack Overflow guidelines. It is not currently accepting answers.
This question does not appear to be about a specific programming problem, a software algorithm, or software tools primarily used by programmers. If you believe the question would be on-topic on another Stack Exchange site, you can leave a comment to explain where the question may be able to be answered.
Closed 2 years ago.
Improve this question
In the features of windows 7 we have both telnet client and telnet server. But in windows 10 telnet server is not available, Can anyone please guide on how to install it? And I am also aware that we can use ssh instead of telnet.
Microsoft deprecated Telnet Servers in Windows Server 2012 R2, and subsequently in Windows 10.
Telnet is considered completely insecure these days, because it sends everything across the wire in plain text, so they removed it.
Since you'd need to install a 3rd party Telnet server, you should (instead) consider installing a SSH server. Similar abilities and results, but SSH is generally considered secure.
Perhaps check out this Serverfault question for some suggested SSH servers:
What is a good SSH server to use on Windows?
(Answer from #Ƭᴇcʜιᴇ007 found HERE)
I know I am a tad late to this feed, but I have used the GSW Telnet Server and SSH Server and they have been great. They claim to be the most secure SSH on the market and I have never had any issues with data security at all.
They do have 24/7 support and can help with installation if there are any difficulties.
Hope this helps - Ben
Closed. This question does not meet Stack Overflow guidelines. It is not currently accepting answers.
Closed 5 years ago.
This question does not appear to be about a specific programming problem, a software algorithm, or software tools primarily used by programmers. If you believe the question would be on-topic on another Stack Exchange site, you can leave a comment to explain where the question may be able to be answered.
This question was caused by a typo or a problem that can no longer be reproduced. While similar questions may be on-topic here, this one was resolved in a way less likely to help future readers.
Improve this question
I have a small sample application which send some data to the server and close the connection afterwards. I ran it on my localhost as server & client and it worked.
When I ran the same code after changing the IP to another host(running Cent OS in VM) as server and my client (Ubuntu), I get the following error from client binary.
client.c : 47 Error connection to remote machine
139915881411416:error:02002071:system library:connect:No route to host:bss_conn.c:246:host=192.168.56.101:6001
139915881411416:error:20073067:BIO routines:CONN_STATE:connect error:bss_conn.c:249:
I am able to ping the remote server from my terminal. Any suggestions or solutions are welcome :) .
Actually the problem was because of firewall running on server(Cent OS). After stopping the firewall using command,
service iptables stop
the client was able to make a connection with the server.
Better Solution (without stopping firewall):
Add your client's IP address in the iptables so that it will allow the client to connect to your server without stopping firewall.
iptables -I INPUT -s <client_ip_address> -j ACCEPT
Closed. This question does not meet Stack Overflow guidelines. It is not currently accepting answers.
Closed 7 years ago.
This question does not appear to be about a specific programming problem, a software algorithm, or software tools primarily used by programmers. If you believe the question would be on-topic on another Stack Exchange site, you can leave a comment to explain where the question may be able to be answered.
This question does not appear to be about a specific programming problem, a software algorithm, or software tools primarily used by programmers. If you believe the question would be on-topic on another Stack Exchange site, you can leave a comment to explain where the question may be able to be answered.
Improve this question
I have a HTTP enabled device on my local network that listens at let's say 192.168.1.32:9427. What's the simplest way to make public access to that socket?
you need to port forward from public ip address to private ip-address on port no. 9427
example:
public ip : 20.20.20.20
private ip : 192.168.1.32
Now when someone try to access your local http server should access via 20.20.20.20:9427
to do that :
you need to enable that on your adsl modem or on your router device
to do that for your adsl modem from here
How to Port Forward Your Router
check open ports to see if port no. 9427 is opened or not
Open Port Check Tool
you need to allow your iptables if you are using linux machine and allow port no. 9427
to do that :
iptables -I INPUT 1 -p --dport 9427 -s -j ACCEPT
echo 1 > /proc/sys/net/ipv4/ip_forward
Closed. This question is off-topic. It is not currently accepting answers.
Want to improve this question? Update the question so it's on-topic for Stack Overflow.
Closed 11 years ago.
Improve this question
I have a machine running an ftp server and I'd like to access it from a machine located on another network behind a router only authorizing port 80.
I was thinking of a ssh tunnel like:
ssh -L local_port:${ftphost}:20 user#{sshhost}
Where ${sshhost} is another machine that have access to the ftp server ${ftphost}.
${sshhost} is reachable from my host while ${ftphost} is only reachable from ${sshhost} not mine.
Would that be the best solution ?
The O'Reilly Book "SSH, The Secure Shell: The Definitive Guide" contains a whole chapter about FTP Forwarding.
I think that should answer all of your questions.