Ed's Big PlansSSH, (S)FTP, VNC Tests Etc.
With the present setup, my D-Link forwards TCP/80 request to Tin on 8080 which is where Apache lives. It made sense to set up SSH and FTP as well (SFTP uses the same port as SSH AFAIK). This turned out to be remarkably easy, allowing FTP to pass through TCP/21 and SSH to pass through FTP/22 each to Tin. VNC generally uses UDP 5900 and TCP 5900~5902, but opening just UDP+TCP/5900 did the trick.
Of course, as there are _many_ sensitive items on Tin, I can’t afford to just blast everything online so I’ve deactivated the port forwarding for those services after the test was done.
Whenever it is that I get the new web serving hardware, I’ll have to create a lower privilege account to host everything. The plan is to have a box that doesn’t have any kind of interface except for its network connection so that everything is controlled over SSH/SFTP/VNC etc. wherever I am physically in the world.
Edit: Oh! I’ve just learned this is called running a machine headless. — I’ve heard that term before, I just didn’t put it together.
