[arm-allstar] Firewall notes

James Hause hausejd at gmail.com
Thu May 17 05:53:10 EST 2018


Opps,  well just realized there is a menu item to change password.  Sorry
for wasting your time.

On Thu, May 17, 2018 at 4:57 AM, James Hause <hausejd at gmail.com> wrote:

> Thanks for all the information.  This is probably a dumb question, but
> rather ask then mess things up.
> Is there a how-to on changing existing password?  My node was set up
> before the changes made for longer passwords.
> I assume I would follow the same steps for setting the password for an
> initial image set, but want to be sure.
>
> On Thu, May 17, 2018 at 1:08 AM, "Doug Crompton via arm-allstar" <
> arm-allstar at hamvoip.org> wrote:
>
>> Let me reinforce what Dave has said about firewalls. We get off on these
>> rather technical discussions about things from time to time and forget
>> that
>> many or possibly most of our users do not have the knowledge to discern
>> what is good information and what is not. The discussion of firewalls
>> comes
>> up from time to time and again I want to emphasize that most of you do NOT
>> need a firewall.
>>
>> Many users come from Windows or possibly from the Debian fiasco about a
>> year ago when systems were compromised due to an OS screw-up. Our hamvoip
>> systems have only the ports open that you would normally use - ssh, iax,
>> and http. I do not want users to become scared that their system are a
>> time
>> bomb waiting for hacking. I will repeat what Dave said - Implementing a
>> firewall and opening these ports adds nothing to protection as they are
>> the
>> only ports open to begin with.
>>
>> First of all if you are nat'ed behind a router and you don't port forward
>> port 222 (ssh) you are safe. If you do port forward ssh and you use a good
>> password - 10-12 characters consisting of mixed upper/lower case, numerics
>> and special characters you are safe. Many users use simple passwords and
>> while that is probably OK if you don't allow Internet access to ssh it
>> definitely would not be otherwise.
>>
>> So if you are using a stock hamvoip system and you have not opened
>> additional ports and you use a good ssh password then you have nothing to
>> worry about. Fear seems to be the order of the day any more. Relax, play
>> Allsar, use common sense and stop worrying about things you don't need to
>> worry about.
>>
>>
>> *73 Doug*
>>
>> *WA3DSP*
>>
>> *http://www.crompton.com/hamradio <http://www.crompton.com/hamradio>*
>> _______________________________________________
>>
>> arm-allstar mailing list
>> arm-allstar at hamvoip.org
>> http://lists.hamvoip.org/cgi-bin/mailman/listinfo/arm-allstar
>>
>> Visit the BBB and RPi2/3 web page - http://hamvoip.org
>>
>
>


More information about the arm-allstar mailing list