Koozali.org: home of the SME Server

Legacy Forums => General Discussion (Legacy) => Topic started by: Rod on January 03, 2003, 12:21:05 PM

Title: sme secure ?
Post by: Rod on January 03, 2003, 12:21:05 PM

the sme 5.5 server im running is set to server-gateway and all traffic to the speedtouch pro has been forwarded to the external nic using the nat defserver addr xx.xx.xx.xx command ,by doing this does it make the server less secure or leave it open for attack ? should only the  ports that need to  be forwarded be forwarded.thanks

Title: Re: sme secure ?
Post by: Bill Talcott on January 03, 2003, 05:16:40 PM

Forwarding all ports would make it exactly the same as connecting the SME directly, without the other device. I don't know of any examples, but this would help if there were some sort of bug affecting SME, that your other device didn't pass on (i.e. the NAT conversion filtered out the bad data before it got to the SME). As the manual states, SME doesn't accept incoming connections except on the public services (web, mail, etc.), so even without your other device you're quite secure.

Title: Re: sme secure ?
Post by: Rod on January 03, 2003, 07:27:36 PM

i wasnt sure about that ,so thankyou