Q: VPN Connection now works - but no network visibility
The Mavericks (Server 3) update (10.9.1 & VPN update) no works enough that I can actually connect – per the Menu item's status. However, I cannot see any of the file structure on the server. I'm logging in as the system's administrator account, so I should be able to see everything connected to the system. What am I doing wrong? If nothing, then is there a known fix coming from Apple? If not, is there a workaround?
OS X Mavericks (10.9.1)
Posted on Dec 23, 2013 2:03 PM
Ah! Gasp! Not good. You probably should shut down 5900, 311, 625, 389, and 686. There are very few reasons I can imagine in which these ports need to be open to the world. Plus, 5900 and 389 are unencrypted so you are sending everything in the plain. Oh, it pains me. If you are opening ssh (port 22), you better be using a hosts.allow file or some other mechanism to secure the port from bot attacks. And 686?! Holy smoke, the last time I recall that port was back in the pre-10.4 days for NetInfo? What is this used for today? You have me stumped on that one.
Best practice is to only open the ports that you need to get inside or the ports required for customer access to services. By this list, it looks like you are using L2TP as your VPN. Those should be the only ones you want to have open. This will require all connections to first establish a VPN connection and then send traffic securely over the VPN tunnel.
No, why you are not seeing the entire file structure of you share, I am not sure. I assume you mean that when you connect to a share point, you can not see all the data inside the share. If this is the case, this could be a restriction of how you implemented your permissions.
Posted on Dec 24, 2013 7:36 PM