[mythtv-users] Securing mythweb

Jay Foster jayf0ster at sbcglobal.net
Thu Feb 11 00:42:34 UTC 2010


On 2/10/2010 12:48 PM, mythtv-users-request at mythtv.org wrote:
> In article<3d82ce5f1002091220k6154d53alcd4ee1b1ca1f257a at mail.gmail.com>,
> Kenneth Emerson wrote:
>> >  Once you open up port 22 on your mythtv box to the internet, it will be hit
>> >  by computers trying to hack into it (check out logwatch to find out).
> I use my broadband router to map a different port, only have one user allowed
> to SSH in, and the password is 12+ characters with a mix of cases, numeric
> and punctuation. No problems yet!
>
> Ian
>

I have done the same thing.  However, I noticed that the netbots would 
find my machine on port 22 and start banging away on it.  They never 
succeeded in gaining access, but I didn't like all the extra activity on 
my machine.  This extra activity would also look to my ISP provider as 
either SPAM or me running a server, so my ISP would reset my DSL 
resulting in a new public IP address.  This was annoying and made 
accessing the Myth system from outside more difficult when my public IP 
address would keep changing frequently.

To stop that, I also turned on the firewall on my Myth system to only 
allow access from the local networks and 1 public network (my work 
network).  This stopped the netbots in their tracks.  I could have done 
the same with my firewall/router, but it doesn't have that functionality 
(only does port forwarding/blocking).

Jay



More information about the mythtv-users mailing list