Re: security for a home system

To: debian-user@lists.debian.org
Subject: Re: security for a home system
From: Paul Johnson <baloo@ursine.ca>
Date: Mon, 23 Apr 2007 01:23:00 -0700
Message-id: <[🔎] 17583535.T4bb60hhUu@ursa-major.ursine.ca>
References: <[🔎] 20070421174918.GA10236@titan>

Douglas Allan Tutty wrote in Article <[🔎] 20070421174918.GA10236@titan> posted
to gmane.linux.debian.user:

> If I have two boxes, with two users, linked by ethernet and one box is
> on dial-up to the ISP, with nothing listening on external ports except
> the ntp daemon, what is a reasonable stance on security?

Probably, yes.

> Given that anyone who breaks into the house will have physical access to
> the consoles anyway, do I need a whiz-bang long root password, strong
> passwords on the regular uses, and all the other hypervigalance?

Yes.  It's not necessarily what's on the machine, but how it's resources can
be abused.  Most spam is sent from compromised systems of various types.

> If ssh isn't even listening on external interfaces, does it matter if I
> allow root to ssh (useful for rsyncing backups between the boxes)?

I would recommend against allowing root ssh just in case.  It's not that
hard to sudo anyway.

-- 
Paul Johnson
Email and IM (XMPP & Google Talk): baloo@ursine.ca

Reply to:

Follow-Ups:
- Re: security for a home system
  - From: Douglas Allan Tutty <dtutty@porchlight.ca>

References:
- security for a home system
  - From: Douglas Allan Tutty <dtutty@porchlight.ca>

Prev by Date: RE: Large ICMP packets tracing/troubleshooting
Next by Date: Re: security for a home system
Previous by thread: Re: security for a home system
Next by thread: Re: security for a home system
Index(es):
- Date
- Thread