Home » Forums » Other Stuff » Chit Chat and What Not

hacking in

Submitted by antonywardle on October 1, 2009 - 2:40am

Hi

I was looking at my security logs and
noticed that there was someone trying to log in
externally.

I ws curious to find out how HARD my
mythdora set up is outof the box?

It doesn't look like i can log in
as rootor mythtv, is there anything
else I need to check?

antony

‹ Post Sequence Home Server setup ›

In terms of hardening this

Submitted by bic on October 1, 2009 - 3:40am.

In terms of hardening this is what I do:

Change root and mythtvs passwords.

Don't forward any ports to your mythbox. If you have to, I use hosts.allow and hosts.deny. hosts.allow:
ALL: 67.18.55.4, 192.168.1.

hosts.deny:
ALL:ALL

If your still concerned setup ssh keys.

This way I only can ssh in from work and local network.

Don't use Apache. If you have to setup htpasswd for it. Of course my hosts files would prevent anyone else except me to access it.

There's more on www.linuxquestions.org Security forum for detecting hacks and blocking them.

»

Good tips in general. Out

Submitted by pisani on October 1, 2009 - 6:23am.

Good tips in general.

Out of the box, we encourage some level of security. We explicitly deny root login from ssh, and we give the option to change the mythtv user's passwd in the config; as well as give the option to set an http passwd and change the default listening port for apache.

However, there may always be some exploitable piece of a linux system.

In my configuration I only port forward the http port that I need to use mythweb.

Ryan

»