Re: [PLUG] Securing Web Site for External Traffic

[Chad Waters <chad@chadwaters.com>]

On Fri, Aug 28, 2015 at 9:08 AM, Thomas Delrue <delrue.thomas@gmail.com> wrote:

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

If you're thinking of putting baby monitors and other fun toys on it,
then I would suggest the following rule in iptables which will solve all
your problems:
sudo iptables -A INPUT -j REJECT --reject-with icmp-port-unreachable

In reality though, really, what you're doing is punching a whole in your
wall just waiting for someone else to go all hulk on it. Chances are,
even if you put a username/password on it, you'll either never enter it
on your phone because it's too long and hard (it's a secure and long
password, right?) or you will have something that says 'use cookie to
always let me in' which is a whole different security problem now (ever
walked around Anacostia, DC? You'll be 'relieved' of your cell phone
quicker than you can say 'wah?').
Getting a digital burglary through this is not so much an 'if' as it is
a 'when'...
0 stars, would not recommend digital burglary again

But that's like... just my opinion, man...

If he as a need, then he requires a secure solution. Security is about weighing risks. No one can hack his baby monitor if its in a box in the closet, but its not doing much good there.

In your particular scenario, the risk can be mitigated by encrypting the storage on the phone and setting a passcode.

 

___________________________________________________________________________
Philadelphia Linux Users Group         --        http://www.phillylinux.org
Announcements - http://lists.phillylinux.org/mailman/listinfo/plug-announce
General Discussion  --   http://lists.phillylinux.org/mailman/listinfo/plug