security for a home system

To: debian-user@lists.debian.org
Subject: security for a home system
From: Douglas Allan Tutty <dtutty@porchlight.ca>
Date: Sat, 21 Apr 2007 13:49:18 -0400
Message-id: <[🔎] 20070421174918.GA10236@titan>
Mail-followup-to: debian-user@lists.debian.org

Reflecting on recent posts re allowing root login (related, but I didn't
want to steal the thread), I'm wondering about a home network and what
to bother with.  There's a touch of devil's advocate in this but the
concept that physical access == root access causes one to wonder.

If I have two boxes, with two users, linked by ethernet and one box is
on dial-up to the ISP, with nothing listening on external ports except
the ntp daemon, what is a reasonable stance on security?  

Given that anyone who breaks into the house will have physical access to
the consoles anyway, do I need a whiz-bang long root password, strong
passwords on the regular uses, and all the other hypervigalance?

If ssh isn't even listening on external interfaces, does it matter if I
allow root to ssh (useful for rsyncing backups between the boxes)?

Why bother to rsync instead of just nfs mounting the backup repository?

If I need to run a backup, other than it being 'proper', why not just
login as root instead of myself and su?

Note that I am _not_ suggesting that I just do everything as root; then
I loose the protection from myself.

Doug.

Reply to:

Follow-Ups:
- Re: security for a home system
  - From: Joe Hart <j.hart@orange.nl>
- Re: security for a home system
  - From: Paul Johnson <baloo@ursine.ca>

Prev by Date: Re: Exim4 EHLO/STARTTLS/AUTH and buggy client
Next by Date: Re: to allow root logins or not?
Previous by thread: Re: Updated Sid today, xorg cannot find "nvidia" driver
Next by thread: Re: security for a home system
Index(es):
- Date
- Thread