I'm relatively new to Linux administration and I've been running a (dedicated) home server running Debian Etch consisting of SSH, LAMP, NFS and SAMBA for a while now. I've set up some simple security measures, such as setting up Apache to only listen to local requests and setting SAMBA passwords/accounts.
This is set behind a router with a built-in firewall which I am not forwarding any ports through (I don't need outside access to this server, at least for the foreseeable future). Is this sufficient security, or should I consider setting up iptables and/or taking other security measures?
If your router isn't forwarding any ports through, then it really boils down to how much you trust other computers on the internal network. Obviously, if you're using a wireless router with no encryption passphrase, the answer to that should be "Not very much!"
But if your internal network consists only of your own personal computers, then you really don't need any further security measures. Obviously, this assumes your other computers are kept secure.
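An added example, not part of the thread: a way to see which of the server's services other machines on the internal network can actually reach, by parsing `ss -tlnH` output and flagging every listener that is not bound to loopback. The sample output, addresses and ports are constructed for a host like the one in the question; on a real server, feed the function the output of `ss -tlnH`.

```python
import ipaddress

# Constructed sample of `ss -tlnH` output for a host like the one in the
# question (SSH, Apache, NFS, Samba); not captured from a real system.
SAMPLE_SS_OUTPUT = """\
LISTEN 0 128 0.0.0.0:22 0.0.0.0:*
LISTEN 0 511 127.0.0.1:80 0.0.0.0:*
LISTEN 0 64 0.0.0.0:2049 0.0.0.0:*
LISTEN 0 50 192.168.1.10:445 0.0.0.0:*
LISTEN 0 50 192.168.1.10:139 0.0.0.0:*
LISTEN 0 128 [::]:22 [::]:*
LISTEN 0 80 [::1]:3306 [::]:*
"""

def split_local(field):
    """Split ss's 'Local Address:Port' field into (address, port)."""
    addr, _, port = field.rpartition(":")
    addr = addr.strip("[]").split("%", 1)[0]  # drop IPv6 brackets and %iface
    return addr, int(port)

def is_loopback_only(addr):
    """True if the bind address is reachable only from the host itself."""
    if addr == "*":  # some ss versions print '*' for a wildcard bind
        return False
    return ipaddress.ip_address(addr).is_loopback

def lan_reachable(ss_output):
    """Return sorted (port, address) pairs for listeners not bound to loopback."""
    exposed = set()
    for line in ss_output.splitlines():
        cols = line.split()
        if len(cols) < 5 or cols[0] != "LISTEN":
            continue  # skip blank or non-listener lines
        addr, port = split_local(cols[3])
        if not is_loopback_only(addr):
            exposed.add((port, addr))
    return sorted(exposed)

if __name__ == "__main__":
    for port, addr in lan_reachable(SAMPLE_SS_OUTPUT):
        print(f"{addr}:{port} accepts connections from other hosts")
```

In the sample, Apache on 127.0.0.1:80 is not reported, while SSH, NFS and Samba are: those are the services whose exposure depends on how far the other machines on the network are trusted.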
Personally, I would still try to make the server as secure as your time is worth. A virus or something could get onto another computer on your network and then compromise your server. Also, there are still ways to get to your computer through the router without forwarding any ports. Things like PPPoE and stuff. BitTorrent still works through routers.
I've spent a lot of time thinking about that problem and for my situation I just can't see any real solution other than "make darn sure no virus or something ever gets on any of my computers".
In my situation, the basic problem is that my file server is essentially a single user file server. I don't have a bunch of different users, it's really just me. For my file server to do any job at all, my personal account needs to have access to the main file share. This seems to be more or less an "all or nothing" thing. Either my workstation has no access at all, or it has access to everything I care about.
Sure, if a virus "only" infects my user account, the "only" thing it can do is trash all of my user account's data. Yippee! That means I still have...what? The OS? The OS that I can reinstall in about fifteen minutes?
So far, the only security solution I've come up with is a total comprehensive solution.