
security advice wanted for home server



I have an embedded device with an attached USB hard disk (a Linksys NSLU2) which I have installed Debian on, with the aim of using it as a home server over ADSL. (The idea being that it's quiet and consumes very little power, so I'm happy leaving it switched on all the time, which I wouldn't be with a desktop type machine.)

I'm thinking of setting it up as a web server at some point, but could do with some basic advice about the security side of things if anyone can help with that. One question is how likely this is to be a problem (and would the fact that it's on an ARM chip, not Intel, reduce the likelihood of a successful attack?); also what kind of precautions I should take against being cracked?

My network is an ADSL modem/router with built-in firewall and port forwarding, behind which I have 2 laptops, one running Linux and one running Windows XP, plus the NSLU2.

What I'm thinking of doing to secure the NSLU2 is:

- Check that the only open incoming ports are ones that I need.

- Run a firewall (shorewall?). (Though is this actually going to make a difference on such a small network where there are only the localnet and internet zones to think about and the router already has a built-in firewall? I'm assuming that it's something I should do, but not sure what kind of attacks a firewall on the NSLU2 would really stop, given that only one incoming port (http) is going to be open on my router, and I can make sure that the server doesn't have any incoming ports open except http and ssh.)

- Use aide to check the system files regularly. The way I'm thinking of doing this is to put a bootable Debian image (with aide installed) on a flash disk, then every week or so boot my laptop from this with the slug's USB hard drive plugged into the laptop as well, and check the system using aide that way. Then install any updates, then calculate the checksums again and store them on the flash disk (which I would never use for any other purpose). This is putting me off somewhat, as I was doing something similar with another server I had a while back, and it was a fair bit of hassle to keep it up every week. So it would be good to know if this is overkill, or a sensible thing to do?

- Work through the Securing Debian Manual to see if there's anything else I've missed.

andy.
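
The weekly offline check described in the message above, reduced to its core as an added example (it is not part of the original post and is not aide itself): a baseline of file modes and SHA-256 hashes is kept outside the checked disk and compared against the mounted tree from a trusted boot. The function names, the JSON baseline file and the sample tree are assumptions constructed for illustration.

```python
import hashlib, json, os, stat, tempfile

def snapshot(root):
    """Map every regular file under root to [permission bits, SHA-256]."""
    result = {}
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            path = os.path.join(dirpath, name)
            st = os.lstat(path)
            if not stat.S_ISREG(st.st_mode):
                continue  # symlinks, devices and sockets are not hashed here
            digest = hashlib.sha256()
            with open(path, "rb") as fh:
                for chunk in iter(lambda: fh.read(65536), b""):
                    digest.update(chunk)
            mode = oct(stat.S_IMODE(st.st_mode))
            result[os.path.relpath(path, root)] = [mode, digest.hexdigest()]
    return result

def compare(baseline, current):
    """Report paths added, removed, or changed in content or mode."""
    old, new = set(baseline), set(current)
    return {
        "added": sorted(new - old),
        "removed": sorted(old - new),
        "changed": sorted(p for p in old & new if baseline[p] != current[p]),
    }

def demo():
    """Constructed tree standing in for the server disk mounted on the laptop."""
    with tempfile.TemporaryDirectory() as tmp:
        root = os.path.join(tmp, "mnt")          # hypothetical mount point
        db = os.path.join(tmp, "baseline.json")  # would live on the flash disk
        os.makedirs(os.path.join(root, "bin"))
        for rel, data in {"bin/ls": b"ls-v1", "bin/ps": b"ps-v1"}.items():
            with open(os.path.join(root, rel), "wb") as fh:
                fh.write(data)
        with open(db, "w") as fh:                # week 1: record the baseline
            json.dump(snapshot(root), fh)
        # Changes between checks (constructed): content, mode, and a new file.
        with open(os.path.join(root, "bin/ls"), "wb") as fh:
            fh.write(b"ls-modified")
        os.chmod(os.path.join(root, "bin/ps"), 0o755)
        with open(os.path.join(root, "bin/.hidden"), "wb") as fh:
            fh.write(b"unexpected")
        with open(db) as fh:                     # week 2: check from trusted boot
            return compare(json.load(fh), snapshot(root))

if __name__ == "__main__":
    print(json.dumps(demo(), indent=2))
```

After a package update the same comparison will list every upgraded file as changed, which is why the procedure recalculates the checksums immediately after installing updates.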

