[mythtv-users] Mythweb security
Ben Bucksch
linux.news at bucksch.org
Fri May 2 04:09:28 EDT 2003
W Jason McMillon wrote:
>I am not real comfortable leaving my server accessable to others.
>
I wouldn't connect the server/myth backend directly to the internet at
all. For example, I am not sure that you can bind the myth backend to a
certain IP address / network interface, meaning that anyone can access
the backend. (or are there any security measures? but even if so, there
are often worse security bugs in these access checks.) I don't need to
access the DB to figure out the port to connect to, nor to do malice
with the the backend.
Do a
netstat -a |grep "tcp\|udp"|grep " 0 \*:"
to see which servers you are running against all network interfaces.
There should be practically nothing listed.
More information about the mythtv-users
mailing list