Security

Discussion in 'Linux' started by vold, Aug 6, 2008.

  1. vold

    vold

    Joined:
    Aug 6, 2008
    Messages:
    2
    Likes Received:
    0
    I was wondering about the security of these Aspire One's, since it is a mobile device it seems to me it's going to be used a lot in Starbucks and places like that where anyone can have a go at your laptop. Since it's a linux box the security issues are well known, and the usual answer is 'run iptables and set up some firewall rules' or 'have no open ports'. Both is probably a good idea.

    The One, however, doesnt have iptables either compiled into the kernel or available as a module.
    Either I'm not seeing it or it's just not there.

    Add to that that the box has a few ports open, X is listening on 6000/tcp, dhcp is listening on 68/udp, and cups on 631/tcp. Seems like if you are not using cups you can turn it off

    sudo /etc/init.d/cups stop - will turn it off
    sudo chkconfig --del cups - will remove it (who prints to paper these days anyway?)

    As for dhcp, it's a necesary evil these days. Someone else can say how to disable it.

    The X server however is a different thing. No modern distro should be shipping linux with a listening X server. The problem here is that they dont use GDM/KDM/XDM, so putting the option
    -nolisten tcp
    in the usual places wont do you any good, as someone else has pointed out on these forums Linpus uses an ugly hack to fire up X in the init scripts.

    The way to stop it from listening is this.
    Open /etc/rc.d/rc.S with an editor *as root* (launch your editor with sudo from a terminal)
    edit the line
    to be
    reboot

    voila

    etc (the unix domain sockets are local, not networked)

    port 68 udp is dhcp, like we said.
     
    vold, Aug 6, 2008
    #1
Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments (here). After that, you can post your question and our members will help you out.