[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Running multiple CVS instances

From: Jonathan Villa
Subject: Re: Running multiple CVS instances
Date: Fri, 13 Aug 2004 15:03:34 -0500 (CDT)
User-agent: SquirrelMail/1.4.3-RC1

sorry for jumping into this thread late, and I'm more sorry if I'm
repeating information (I deleted all old posts before reading them by

What development environments are being used.  CVS can of course go over
SSH with IDe like JDeveloper and Netbeans...  Or try TortoiseCVS/WinCVS.

I've just configured Putty/Plink within XP and use Netbeans/JDeveloper 10g
to work under SSH.  I also passed my public key to the dev server for
easier access.

again, sorry for jumping right in if I'm not making any sense.

Greg A. Woods said:
> [ On , August 10, 2004 at 07:56:24 (-0700), mat bike wrote: ]
>> Subject: Running multiple CVS instances
>> We have a colleague working on another company that has tight firewall
>> that only allows few ports open.  Unfortunately, CVS port is not one
>> of them (and they don't want to allow it).
> Good for them!
>> We figured that we can bind another instance of CVS pserver to a port
>> they permit traffice on and change our colleague's script to use this
>> alternate port.
> If I was the firewall/security admin at the other company I'd also snap
> that port closed before you could blink (and I'm guessing it might
> already be closed :-).
>> Question is, how safe is this?? Will this cause any harm to our
>> repository?  Any thoughts? Suggestions?
> As Mark has already hinted in his earlier reply to this thread, trying
> to bypass the other company's firewall isn't safe at all from a security
> perspective, nor is it a good idea in terms of your professional
> relationships.
> By suggesting this you are encouraging your colleague to exploit a
> covert channel through his company's firewall.  Depending on his
> company's security policies he could very well be fired for making use
> of the alternate port, assuming it isn't already blocked.
> As Mark also said, you really must help your colleague work with the
> security folks in the other company to understand why he needs access to
> your server and work together to get a secure connection to your CVS
> server.
> You should also really carefully reconsider your use of an insecure
> protocol such as CVSpserver on a public network.
> --
>                                               Greg A. Woods
> +1 416 218-0098                  VE3TCP            RoboHack
> <address@hidden>
> Planix, Inc. <address@hidden>          Secrets of the Weird
> <address@hidden>
> _______________________________________________
> Info-cvs mailing list
> address@hidden

reply via email to

[Prev in Thread] Current Thread [Next in Thread]