ssh between F16 Xfce and Cygwin

Dave Ihnat dihnat at dminet.com
Sun May 20 16:25:19 UTC 2012


On Mon, May 21, 2012 at 01:20:32AM +0930, Tim wrote:
> This is the worst OS in the world to do that to.  Dropping Windows pants
> for a second is enough for it to get rogered by marauding bastards on
> the net.

That's true...except it shouldn't really matter.  Because nobody should
run a Windows box connected to the Internet except through some sort of
firewall appliance anyway.  A good one.  (The ones built into most cable &
DSL modems are marginal at best.)

That said, if it's Windows XP don't bother turning on the firewall.
Windows 7 (I won't use the 'V' word) actually has a much more capable
firewall--but I still never recommend just counting on that to protect a
site.  Software firewalls are still software; they're running on a complex
OS that can, itself, have vulnerabilities, installed software that can
compromise firewall security, etc.

"Wait a minute", I hear someone say.  "What about Linux with IPTABLES?
Isn't that secure?"  The answer is yes, no, and maybe.  Yes, Linux--with
its Unix heritage--tends to be inherently more secure than Windows,
since security, user privilege restrictions, etc. have been designed
into the system since its inception.  No, because if you're trying
to run an IPTABLES firewall on a general-purpose Linux server,
while it may be better than Windows, it's still subject to the whole
complexity/modification/installed software modification issue.  And maybe,
because you can create a stripped Linux firewall configuration that
mitigates those issues.

So why, you ask, are firewall appliances any better?  The simple answer is
that if they're good, they've a stripped, minimal environment dedicated to
running and managing the firewall, and only that (perhaps with VPN
functionality.)  They run from firmware that should be locked to
modification.  And finally, if you're running them in conjunction with the
software firewall, you've got defense in depth; any penetration has to
attack and defeat both the firmware firewall AND the software firewall,
with separate attack vectors.  Hopefully, you've got logging going on with
both firewalls, and some log scanners looking for attacks.

This shouldn't be a big problem--first, check that the CygWin sshd is
actually running.  Make sure it's on the port you're forwarding (you DID
move it to a different port than the default, right?  RIGHT?)

Then, as someone else mentioned, try connecting to it from a CygWin
terminal session on the same machine.  If that doesn't work, it's not
going to work from outside the machine.

Finally, after that works, try a connection from within the same network.
Look at the Event Logs.

Cheers,
--
	Dave Ihnat
	dihnat at dminet.com
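
The connection checks described in the message above, in the same order, as an added example that is not part of the original post: confirm the forwarded port is one sshd is configured for, then look for an SSH banner on localhost, then on the LAN address. The config path, port and address in the usage line are assumed values, and the function names are hypothetical.

```shell
#!/bin/sh
# Added example, not from the original post. Assumed values: the config
# path, forwarded port and LAN address passed on the command line.

# Print the ports sshd is configured for, one per line. "Port" may repeat
# and is case-insensitive; with no Port line sshd uses its default, 22.
# Limitation: a port given via "ListenAddress host:port" is not parsed.
sshd_ports() {
    ports=$(awk '
        { sub(/#.*/, "") }                      # strip comments
        tolower($1) ~ /^port(=|$)/ {            # "Port 2222" or "Port=2222"
            line = $0
            sub(/^[ \t]*[Pp][Oo][Rr][Tt][ \t]*=?[ \t]*/, "", line)
            split(line, f, /[ \t]+/)
            if (f[1] ~ /^[0-9]+$/) print f[1]
        }' "$1")
    printf '%s\n' "${ports:-22}"
}

# Stage 1: is the forwarded port one sshd is configured to listen on?
port_is_configured() {
    sshd_ports "$1" | grep -qx -- "$2"
}

# Stages 2 and 3: open a TCP connection and print the SSH banner, if any.
# Uses bash's /dev/tcp, so it needs bash and coreutils' timeout installed.
ssh_banner() {
    banner=$(timeout 5 bash -c 'exec 3<>"/dev/tcp/$1/$2" && head -n 1 <&3' \
        _ "$1" "$2" 2>/dev/null | tr -d '\r')
    case $banner in
        SSH-*) printf '%s\n' "$banner" ;;
        *)     return 1 ;;
    esac
}

# Usage: sh check.sh /etc/sshd_config 2222 192.168.1.10
if [ "$#" -eq 3 ]; then
    port_is_configured "$1" "$2" ||
        { echo "sshd is configured for: $(sshd_ports "$1" | tr '\n' ' ')"; exit 1; }
    ssh_banner 127.0.0.1 "$2" || { echo "no sshd answering locally on $2"; exit 1; }
    ssh_banner "$3" "$2" || { echo "local works, LAN address $3 does not"; exit 1; }
    echo "sshd answers on $2 locally and on $3"
fi
```

A failure at the second stage points at the service itself; a failure only at the third points at the host firewall or the listen address rather than at the router's port forward.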

