The day may be close when I'll need to open a firewall port, so that a distant colleague can access a particular service. This thought fills me with dread as by my reasoning, no matter how tightly I secure my server, it allows the bad guys to easily get malicious data packets into the server's kernel and processes, where some unknown buffer overflow (or other) vulnerability may lurk.
I see my DG834GT seems to allow me to open a very slight crack in my firewall, but still restricted to just a single remote IP. That would let me sleep better, I think. But feel free to disillusion me if I'm missing some other hazards...?
But now my real question... Is the DG834GT's 'single IP' firewall rule common to most routers? The DG834GT may one day need to be replaced, in which case I'd like to think I can continue to operate the same rule with a new router.
