[mythtv-users] Semi-OT: Blocking Brute Force SSH attacks

Mike Poublon poublon at geeksoft.dyndns.org
Sat Oct 20 03:43:52 UTC 2007


Chris Ribe wrote:
>
>
>     I've created a small php webpage that I run on my linux router
>     that lets
>     me log in and dynamically add a rule to iptables on the fly
>
>
>
> Secured how?  I'm neither particularly paranoid nor a security expert, 
> but giving php root access (or anyone else iptables access) doesn't 
> sound like an improvement over anything.
>
I gave the apache user rights to sudo iptables. I'm sure it's not the 
most secure thing ever, but the page is behind a password protected (via 
apache) directory that's not linked to anywhere on the home page. I know 
it's a little bit security through obscurity, but it's password 
protected obscurity :)

-Mike


More information about the mythtv-users mailing list