I'm finally getting around to rebuilding my nat/firewall. This time I'm going to pay a little more attention to security. I would like to be able to administer the server from the outside, and being able to access the private network would be nice too. Vpn is the way I want to go but I've never had luck with isakmpd and getting windows to play nicely with it. I've been using poptop 1.1.3-20030409 on a 3.3 box at work where the only security issues are keeping their virus riddled network from infectning my testing pc's and vice versa. I googled around a bit digging through bugtaq archives and what not and didn't find anything that hasn't been addressed. Good idea/bad idea to run it open to the world? I'd rather not find people sending me email from my internal smtp server again and god knows what else they did.

andy