Topic: how to server manager from remote

[arne]

Thanks a lot for your comments

There is actually a some kind of karma system. Look at the field "Advice given" and my -3 and yours +4 and +3

When it comes to my firewall and my risk, then the real situation is that I only expose one open port to the internet, and this is port 443, that is normally the SSL port, but that I use for SSH tunneling. This gives me all the access I need. I also have the option of partly hiding this single port from portscans etc, if I want to. I have to admit I do not understand how the exposure of this single port will increase the overall security risk.

I wil try my best to make a firewall setup, different from what I have been able to google up on the net until now. I will also try to make it work on any Linux gateway or server, including also the SME server, because this is just my fun and enjoyable amateur hobbist project.

But I will not try to discuss it on this forum.

I will be reading the treads and posts on this forum, but I will not be giving any comments, even if there is questions where I think I have an answer that could have worked.

It is the case that most files on the SME server is marked with the GP licence, they can be modified etc.

On the other hand it is also the case that there is some people that runs the Contribs forum that sets the rules for this forum.

Theese rules can be set, and these rules can be respected, without the need of attacking any person.

By the way I think that the SME server really could get some really nice improvements by thinking slightly different about the firewalling part of it, but I understand that, just at the moment, this is not considered to be a good idea.

By the way, thanks a lot for a very relyable and dependable distro, that I have used for years. 

[cactus]

Thanks a lot for your comments

There is actually a some kind of karma system. Look at the field "Advice given" and my -3 and yours +4 and +3

I know but I guess it is hard to understand irony... I have no opportunity to vote neither good nor bad karma and therefore have no opportunity to compliment the users with the same train of thoughts as I have concerning your forum remarks, sorry!

On the other hand it is also the case that there is some people that runs the Contribs forum that sets the rules for this forum.

Theese rules can be set, and these rules can be respected, without the need of attacking any person.

Yes indeed, but you must keep in mind that SME Server is designed to be secure and stabil, modifying it the way you do makes it (very) insecure and possibly instable. The goal of this distribution is to be stabil, secure and easy to install and maintain. Not all users know perfectly well about all security implementations, advising to do stuff like you did certainly does not increase security and that is why I and others try to constantly point out to you as well as readers to be conservative with following your advise.

By the way I think that the SME server really could get some really nice improvements by thinking slightly different about the firewalling part of it, but I understand that, just at the moment, this is not considered to be a good idea.

You are more than welcome to suggest stuff, but we need to make the suggested solution as save and thorough as possible, your advises may be nice and sparkling, your implementation lacks a lot on thoughtfulness and respect for the architecture of the system, which is very well designed and though out.