[mythtv-users] mythtv user login password

Stephen Worthington stephen_agent at jsw.gen.nz
Thu Jun 11 04:48:51 UTC 2020


On Thu, 11 Jun 2020 12:13:37 +0800, you wrote:

>
>
>> On 11 Jun 2020, at 11:46 am, Stephen Worthington <stephen_agent at jsw.gen.nz> wrote:
>
>[snip]
>> There are some security implications of doing that, but I always do it
>> shortly after I install a new system.  I also install SSH and allow
>> root logins, but I only allow connections to the SSH port from within
>> the secure part of my home network, by way of the firewall rules in my
>> router.
>
>Which is another of my pet peeves
>
>Presumably your machine has a private address, say 192.168.x.y
>now RFCs prevent a router on the internet fowarding private addresses
>so every router from bad-guys to you is broken
>
>Next unless you allow port forwarding bad-guys make it to your router, how do they get from there to your machine?
>
>Assume they hijack some service out. Usually one allows RELATED, ESTABLISHED back so your firewall is of no help.
>
>Firewall rules on the router prevent a rouge winders machine sprouting to the world, but in general have no value (other than making you feel good)
>
>So effectivly your, and my mythtv machine is a castle surrounded by a deep mout
>James

The bad guys usually get in other than through your router.  For
example, getting you to click on malware in an email.  After that,
they are on the inside of a (usually Windows) PC on the inside of your
network.  So then if the SSH port is open on your Linux boxes, they
can try to attack that from the Windows PC.  There is reason behind
not having root logins enabled and not installing SSH by default.


More information about the mythtv-users mailing list