While playing around on one of the challenge machines, I setup some port forwarding. It occured to me that during that period anyone coming along to start the same box with an nmap scan might stumble across my temporary port, blissfully unware it wasn’t part of the official challenge. Worst case on the wrong machine, someone could accidentally leap-frog a bunch of steps!
Is there an understood etiquette around (not) opening up additional ports? On the odd occasions it’s the most useful way to proceed, I can make sure to pick a high port outside likely nmap scans, and try to filter incoming connections to just my IP where the script/service allows. Beyond that it is considered fair game?
Chisel looks good but I’ve found some more lightweight perl that does the job. I’ll see if i can put in some IP whitelisting then combined with a very high port number, I won’t fret too much!