[mythtv-users] Securing mythweb
Jay Foster
jayf0ster at sbcglobal.net
Thu Feb 11 00:42:34 UTC 2010
On 2/10/2010 12:48 PM, mythtv-users-request at mythtv.org wrote:
> In article<3d82ce5f1002091220k6154d53alcd4ee1b1ca1f257a at mail.gmail.com>,
> Kenneth Emerson wrote:
>> > Once you open up port 22 on your mythtv box to the internet, it will be hit
>> > by computers trying to hack into it (check out logwatch to find out).
> I use my broadband router to map a different port, only have one user allowed
> to SSH in, and the password is 12+ characters with a mix of cases, numeric
> and punctuation. No problems yet!
>
> Ian
>
I have done the same thing. However, I noticed that the netbots would
find my machine on port 22 and start banging away on it. They never
succeeded in gaining access, but I didn't like all the extra activity on
my machine. This extra activity would also look to my ISP provider as
either SPAM or me running a server, so my ISP would reset my DSL
resulting in a new public IP address. This was annoying and made
accessing the Myth system from outside more difficult when my public IP
address would keep changing frequently.
To stop that, I also turned on the firewall on my Myth system to only
allow access from the local networks and 1 public network (my work
network). This stopped the netbots in their tracks. I could have done
the same with my firewall/router, but it doesn't have that functionality
(only does port forwarding/blocking).
Jay
More information about the mythtv-users
mailing list