[Techtalk] adsl and dyndns issues with changing IP addresses

[Anne Wainwright]

Hello, Monique,

ooops...

well, you have to have a user account on the server, there is the
question of the postgresql username and md5 encrypted password. it is an
ssh connection. the port is redirected via the nat whatever it is in
the router to that server.

Should I shut it down quick? I am not too (at all) hot on security
across the net since this is first time that I have ever done this.

Seriously, what would you suggest as my next step to improve security?

Anne




On Fri, 12 Nov 2010 14:01:46 -0700
"Monique Y. Mudama" <monique at bounceswoosh.org> wrote:

> On Fri, Nov 12 at 21:32, Anne Wainwright penned:
> > Hello, every one.
> > 
> > I actually have this under control, from one end at least. Using the
> > dyndns service and with ddclient on the office server I get easy ssh
> > connections to there from home through the adsl connection.
> > 
> > The situation deteriorates when I want to connect to the postgresql
> > database. In fact I can reliably achieve this, but at the home end
> > the aadsl allocated WAN IP address also changes when I log in
> > afresh. This means that I then have to ssh to the remote site and
> > edit the pg-hba.conf file so that this presents the new IP address
> > as a host address for postgresql. Then I restart postgres to reread
> > the .conf file, and then I get my evening connection afresh.
> > 
> > I didn't want to have such a wide mask that half the world could
> > hack in, which is the only thing I can think of at present, so am
> > wondering what the correct procedure should be. Is there any easy
> > way around this?
> > 
> > I can't be the first person to stumble on this issue, so all schemes
> > considered with thanks.
> 
> Do I understand correctly that your postgres port is open to the
> world, and you're relying on a configuration file to prevent
> unauthorized access?
>