[mythtv-users] Security concerns for my myth box

Kevin Kuphal kuphal at dls.net
Thu Dec 16 00:54:03 UTC 2004


Craig Partin wrote:

>After reading the post about the poor soul who's box was rooted, it
>got me to worrying about my own.  Right now I feel pretty safe with
>the box behind a NAT hardware firewall.  I do want to open some ports
>for SSH and HTTP connections and wonder what security considerations I
>might be missing.
>
>The myth user is logged in with sudo passwordless renice access. 
>Services are run as root and the frontend and X are setuid root.  It's
>a basic gentoo install with no additional security related tweaking.  
>openSSH, MySQL, and Apache2 are the only network daemons running.
>
>What security measures do others have in place?
>  
>
Since I have a Windows machine on my net I only open the RDP port to 
allow remote desktop access to my Windows box and then access everything 
else on my net from there.  In a Linux only environment I would only 
open SSH as you can tunnel anything else you need through that SSH 
connection like HTTP, X, or others.

Kevin



More information about the mythtv-users mailing list