[Cvsnt] Binding CVSNT to multiple (but not all) IP addresses in a machine

Tony Hoyle tmh at nothing-on.tv
Tue Aug 13 13:45:37 BST 2002


Community technical support mailing list was retired 2010 and replaced with a professional technical support team. For assistance please contact: Pre-sales Technical support via email to sales@march-hare.com.


On Mon, 12 Aug 2002 16:30:25 -0700, "John D. Gwinner"
<jgwinner at dazsi.com> wrote:

>Actually, I'm not sure that's true.  I was thinking of installing CVS on a
>software firewall, and in this case I would want the firewall acting on port
>2401 on the external LAN card, and CVSNT acting on the internal NIC.
>
>It's obviously better to have 2 machines, but a standard technique is to run
>your 'server' on the internal NIC, then create a mapping in the firewall
>software from it's external IP / port to the internal address ("Server
>publishing").  That way, the firewall can detect port scans and can log
>connection attempts.  If CVSNT starts before the packet filter, the packet
>filter can't grab the port -and if you start the packet filter first, it's
>possible CVSNT might get confused (I'm not sure, I'd have to try this).
>
In that case you're only binding to a single address so the
BindAddress key will work.  OTOH A firewall should not have server
software running on it.  CVSNT is not secure enough for that kind of
thing (at least it's never been validated as secure, which virtually
guarantees that some kind of hole exists somewhere).

Tony




More information about the cvsnt mailing list
Download the latest CVSNT, TortosieCVS, WinCVS etc. for Windows 8 etc.
@CVSNT on Twitter   CVSNT on Facebook