Re: "Hardened" NSLU2
- --- In firstname.lastname@example.org, "dystopianrebel"
>I have two unslung NSLU2s to do home web pages and a weatherstation.
> --- In email@example.com, "c_rasmus" <chuck@> wrote:
> > Using No-IP I have used my NSLU2 to do a home web page and
> weatherstation..... Every time
> > It's "On Line", I get "Hacked" (Not in the good sense). I know as a
> rookie, that there are ways
> > to prevent this... Any Suggestions from those who know more about
> this than I do?
> I've been running an NSLU2 with SLUGOS/BE as a Web server for about
> one year.
> - lighttpd
> - mysql
> - php
> I use a non-standard SSH port and the ~system~ has never been hacked.
> However, the PHP-based software that I run is constantly being beaten
> up by spammers. I think installing PHP is the worst risk you can take
> with a Web server.
> As for where this PHP spamming is coming from, I find it's mostly from
> the southern USA and Europe. There is some from Asia as well.
> Maintaining a firewall can become a fulltime job. It's in your best
> interest to do research and install well-designed software.
They both have appWeb with PHP, and openSSH. I had none of the ssh,
telnet, etc ports open, only a non-standard web server port open. I
wanted to be able to get in via ssh over the internet without getting
hacked. Another Linux computer I had with open port 22 was getting
attempted logins every few days with many attempted login messages.
(Never a login completed, however). Since my NSLU2s are running with
USB Flash Drives I didn't want to log any attempted breakins.
About 6 months ago, I bought a U.S. Robotics Wireless MAXg Router
(USR5461). It has a stateful packet inspection (SPI) firewall which
hides open ports from port scanning, and port forwarding. I forwarded
port 22 to a non-standard port.
I have had NO attemped logins logged. I also did a port scan from a
frends computer. No ports were reported as being open, yet I could
login into my NLSU2s via SSH on the forwarded ports.
I would recommend using a router with a SPI firewall. It appears to be
an easy soulution to preventing hacking.