NessieDVB::Forum

... talks ...

[EN] Increase NessieDVB security

Everything except all above (config:vtuner,config:multicast,config:DLNA and config:network)

[EN] Increase NessieDVB security

Postby mebepi » Fri Jan 27, 2012 10:59 am

Hi,

Can you please foreseen:

- That the web interface is protected by a login / password to avoid that somebody change the configuration. (especially for professional use).
- Changing the IP address requires later on to click on save button to confirm it, if we have a login/logout option we can pop-up the end-user that there are still some pending modifications not yet saved.
- To log failed attempt into the log file (try to access the nessie in SSH get the prompt do several tries but nothing appears in the log file so we cannot track possible attempt to hack the nessie).
- May be foreseen to use a non-standard port for SSH access to slightly improve security.
- To log failed attempt to connect to the webif when login/password will be implemented. ;)

Mebepi
mebepi
 
Posts: 13
Joined: Sat Jan 14, 2012 3:36 pm

Re: [EN] Increase NessieDVB security

Postby __jata__ » Fri Jan 27, 2012 10:44 pm

This is basically the same as I asked looong time ago.... (22-12-2010). So, please could you implement this feature request.... ?
__jata__
 
Posts: 72
Joined: Thu Jun 02, 2011 5:05 pm

Re: [EN] Increase NessieDVB security

Postby hop » Fri Jan 27, 2012 10:59 pm

Yes, it is on TODO for ages.

I have to check how hard would be to add SSL support there, then I can say more.

Honza
hop
 
Posts: 86
Joined: Tue May 31, 2011 12:36 am

Re: [EN] Increase NessieDVB security

Postby __jata__ » Fri Jan 27, 2012 11:06 pm

In reality, using of the non-standard ssh port does not increase security notably, because ssh reports itself even on a non-standard port. So combination of 'nmap' and 'nc' will discover everything. But if the password is strong enough, there is no real chance how to break ssh access in a historically short time. Nevertheless, logging of denied accesses would be nice.
__jata__
 
Posts: 72
Joined: Thu Jun 02, 2011 5:05 pm


Return to rest

Who is online

Users browsing this forum: No registered users and 0 guests

cron