[mythtv-users] Security concerns for my myth box

Phill Edwards phill_edwards at hotmail.com
Thu Dec 16 00:56:54 UTC 2004 

I use the port forwarding feature of iptables on my linux firewall to 
forward a request on port xxxx to the web server running on my mythtv box 
behind the firewall. This works very well. Trouble is, I've also implemented 
the nvram-shutdown stuff so the machine's hardly ever up anyway when I want 
to access mythweb!

>
>I would just open the ssh port and access mythweb over ssh.  No need to 
>open a web server to the world if you don't have to.
>
>Just my 2 cents.
>At 06:09 PM 12/15/2004, you wrote:
>>Very interested to hear some knowledgable users comments on this.
>>
>>I am behind a NAT router, have a dynamix IP but will use dynDNS, and I
>>have port 80 blocked by ISP.  I plan to open SSH and a port for HTTP
>>(1010 or 1080) so I can use MythWeb when out of the house.  I will
>>obvisouly change my crappy root password when I get to opening the
>>ports..
>>
>>Cheers,
>>Whytey
>>
>>
>>On Wed, 15 Dec 2004 16:16:14 -0500, Craig Partin <cpartin at gmail.com> 
>>wrote:
>> > After reading the post about the poor soul who's box was rooted, it
>> > got me to worrying about my own.  Right now I feel pretty safe with
>> > the box behind a NAT hardware firewall.  I do want to open some ports
>> > for SSH and HTTP connections and wonder what security considerations I
>> > might be missing.
>> >
>> > The myth user is logged in with sudo passwordless renice access.
>> > Services are run as root and the frontend and X are setuid root.  It's
>> > a basic gentoo install with no additional security related tweaking.
>> > openSSH, MySQL, and Apache2 are the only network daemons running.
>> >
>> > What security measures do others have in place?
>> >
>> > Thanks,
>> > Craig
>> >
>> >
>> > _______________________________________________
>> > mythtv-users mailing list
>> > mythtv-users at mythtv.org
>> > http://mythtv.org/cgi-bin/mailman/listinfo/mythtv-users
>> >
>> >
>> >
>>
>>
>>--
>>GMAIL is 'da bomb baby....YEAH
>>_______________________________________________
>>mythtv-users mailing list
>>mythtv-users at mythtv.org
>>http://mythtv.org/cgi-bin/mailman/listinfo/mythtv-users
>
>_______________________________________________
>mythtv-users mailing list
>mythtv-users at mythtv.org
>http://mythtv.org/cgi-bin/mailman/listinfo/mythtv-users

More information about the mythtv-users mailing list