[arm-allstar] Additional Packages?

David Andrzejewski david at davidandrzejewski.com
Sun Jul 31 14:07:17 EDT 2022 

Gotcha. I can do that, no biggie.  None of my stuff is exposed to the internet directly except for the iax port.

Appreciate it!

Dave

-----Original Message-----
From: David McGough <kb4fxc at inttek.net> 
Sent: Saturday, July 30, 2022 21:31
To: "David Andrzejewski via ARM-allstar" <arm-allstar at hamvoip.org>
Cc: David Andrzejewski <david at davidandrzejewski.com>
Subject: Re: [arm-allstar] Additional Packages?


Hi David,

Zabbix support isn't included in HamVoIP, nor do I expect support to be added--it isn't needed, is pretty heavy and has had repeated cases of vulnerability concerns...I have personally been bitten by Zabbix vulnerabilities, in years past!! You can manually compile the the various agents if they're important to you.

HamVoIP is typically used as an IoT appliance and just "works."

>From a security standpoint, use good quality ssh and/or Supermon passwords (or key-based access).  Put the ssh server on an obsure tcp port, to minimize drive-by attacks, which can fill up the /var/log tmpfs partition.

I agree that it's time for a full repository refresh--mainly for software compatibility.  However, when used in a "normal" way (meaing ssh, web services and apache open), I know of no exploitable security concerns--- again, use a high quality password for ssh if you expose ssh to the Internet or you *WILL* get hacked!

I maintain the HamVoIP repositories and there are tens of thousands of these nodes deployed, 95% of them directly exposed to the Internet.

73, David K4FXC


On Sun, 31 Jul 2022, "David Andrzejewski via ARM-allstar" wrote:

> I'd like to install additional packages - for example, a Zabbix agent - 
> on my hamvoip systems.   I'm not very familiar with pacman, but from 
> what I can tell there are no Zabbix packages in available in the 
> hamvoip repo that comes with the distro.  Is there a way to get 
> additional packages on without having to do too much messing around?
> 
> I'd also ask this - how up-to-date are hamvoip.org's repos?  I have (obvious) security concerns.
> 
> Dave
> _______________________________________________
> 
> ARM-allstar mailing list
> ARM-allstar at hamvoip.org
> http://lists.hamvoip.org/cgi-bin/mailman/listinfo/arm-allstar
> 
> Visit the BBB and RPi2/3/4 web page - http://hamvoip.org
>

More information about the ARM-allstar mailing list