need setup help

Gnea gnea at rochester.rr.com
Tue Sep 12 17:34:26 CEST 2000 

On Mon, 11 Sep 2000 21:20:55 -0500, Jason Ostermann said:

> While I don't normally consider myself a clueless newbie, I'm quite lost
>  with tinc right now.
>  Situation: remote machine is the tinc server, let's say internet ip
>  148.94.168.23. (ip's changed to protect the guilty) It's name is Shire.
>  Local machine is tinc client, internet ip 205.64.36.65. It's name is
>  Gondor.
[snip]
>  Gondor:
>  ConnectTo = 148.94.168.23
>  ConnectPort=8080
>  MyOwnVPNIP = 192.168.111.2/24
>  VpnMask = 255.255.255.0
>  Passphrases=/etc/tinc/passphrases/
>  TapDevice=/dev/tap0
>  
[snip]
>  Gondor:
>  Sep 11 21:00:55 oddworld tinc[6729]: tincd 1.0pre2 (Sep  8 2000
>  12:03:59) starting, debug level 2.
>  Sep 11 21:00:55 oddworld tinc[6729]: Generating 128 bits keys.
>  Sep 11 21:00:55 oddworld tinc[6729]: Ready: listening on port 655.
>  Sep 11 21:00:55 oddworld tinc[6729]: Connected to 209.39.43.250:8080
>  Sep 11 21:00:59 oddworld tinc[6729]: Connection with 209.39.43.250
>  activated.
>  Sep 11 21:02:40 oddworld tinc[6729]: Got TERM signal
>  Sep 11 21:02:40 oddworld tinc[6729]: Terminating.
>  Sep 11 21:02:40 oddworld tinc[6729]: Total bytes written: tap 0, socket
>  1056; bytes read: tap 1100, socket 0.

in addition to what Jason pointed out, please note that even though you
did not specify a listen port, it's still gonna listen on the default
port of 655.  You should reall fix that (for security reasons).  

Also, running on port 8080 is a BAD idea, for one thing it is above the
standard port range, and for a second thing, 8080 is popular for
webcache data... suddenly you'll have lots of people trying to break in
unless u setup firewall rules.. well, it's up to you, but if you get
hax0red, you can never say you weren't warned :)

-- 
	.oO gnea at rochester dot rr dot com Oo.
	    .oO url: http://garson.org/~gnea Oo.

"You can tune a filesystem, but you can't tuna fish" -unknown

-
Tinc:         Discussion list about the tinc VPN daemon
Archive:      http://mail.nl.linux.org/lists/
Tinc site:    http://ftp.nl.linux.org/pub/linux/tinc/

More information about the Tinc mailing list