[SATLUG] Questions about home server security

Frank Huddleston fhuddles at gmail.com
Sun Feb 10 12:35:48 CST 2013


Greetings,

   I am wanting to set up a small server (Raspberri Pi with an attached 
hard drive), to serve mostly as remote backup/personal cloud, at my 
son-in-law's house. I'm concerned about the security implications, and 
don't want to expose his home computers to undue risk as a result. He 
doesn't run any servers at this time: only wirelessly connected laptops 
and cell phones.
   I've had a home server exposed to the internet for some time, and 
from time to time I see hacking attempts, but so far nobody has broken 
in (as far as I know). I use port-forwarding, and have only exposed the 
ports I think are necessary to the things I run: ssh, http, icecast, 
mpd/mpc, Subsonic. It's possible that I'd want a few more, and maybe 
drop a few I have now, but that gives you a general idea.
   I haven't done anything special to secure my servers: previously I 
ran NetBSD on one, but now they are Debian
(the Pi runs a variant called, I think, Raspian). I see there is an 
option on on his router to put a computer in the DMZ, but it says this 
should only be temporary, to test something out.. I don't have a DMZ on 
my own home LAN.
   So what can you tell me? I guess I really mean, what can I tell him? 
Is this relatively safe for his LAN? Is there something I should do to 
make it safer?

Thanks,

Frank Huddleston




More information about the SATLUG mailing list