[mythtv-users] Securing mythweb
Travis Tabbal
travis at tabbal.net
Tue Feb 9 20:37:26 UTC 2010
On Tue, Feb 9, 2010 at 1:20 PM, Kenneth Emerson
<kenneth.emerson at gmail.com>wrote:
>
>
>
> Once you open up port 22 on your mythtv box to the internet, it will be hit
> by computers trying to hack into it (check out logwatch to find out). If
> you leave userID logins enabled, odds are you will eventually get hacked.
>
You don't need port 22. I said SSH, which can run on any port. Denyhosts
goes a long way toward stopping the random brute force attacks if you want
port 22 though. And, like you said, you can turn off user/pass logins and
force public/private keys. Even that's not 100% (Debian bug not so long
ago), but it's a LOT better. And it's so much better than HTTP digest auth
that it's not really worth talking about.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mythtv.org/pipermail/mythtv-users/attachments/20100209/9b5a3753/attachment.htm>
More information about the mythtv-users
mailing list