And Cloud9 IDE which runs as root. I'm looking if any security grad student wants to do a study on how to secure a BeagleBone and keep the ease of use. Just leaving a conference with the guys leading some of the analysis of Mirai out of U of M and I hope they'll take the challenge.
> On Oct 27, 2016, at 7:25 PM, Robert Nelson <[email protected]> wrote: > >> On Thu, Oct 27, 2016 at 1:12 PM, Josiah Yoder <[email protected]> wrote: >> I teach a real-time systems class where students use Beaglebone over the >> network. Generally, we are behind a protected firewall, but sometimes the >> students want to debug on other parts of the campus. >> >> By default, one can access the root account without a password. If my >> students put such a BeagleBone on a network where the IP is externally >> visible, is it likely that the BeagleBone will become infected by the >> open-source botnet software Mirai? >> >> I guess it's a moot point -- the root password should be changed before >> attaching the BeagleBone to a public network anyway! > > At-least run: > > cd /opt/scripts/un-tweak-image/ > > sudo ./debian-re-secure-root-ssh.sh > > and it'll set a root password and disable "PermitEmptyPasswords" > sshd_config option.. > > and remove "bonescript", you can just disable disable the two > bonescript system service files.. > > Regards, > > -- > Robert Nelson > https://rcn-ee.com/ > > -- > For more options, visit http://beagleboard.org/discuss > --- > You received this message because you are subscribed to the Google Groups > "BeagleBoard" group. > To unsubscribe from this group and stop receiving emails from it, send an > email to [email protected]. > To view this discussion on the web visit > https://groups.google.com/d/msgid/beagleboard/CAOCHtYiwk2M3T%2BR8uiQNa8sxzNoHxkdV3c4eBPimDhxnSn-_%2Bw%40mail.gmail.com. > For more options, visit https://groups.google.com/d/optout. -- For more options, visit http://beagleboard.org/discuss --- You received this message because you are subscribed to the Google Groups "BeagleBoard" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion on the web visit https://groups.google.com/d/msgid/beagleboard/91221EFA-363E-42FC-8004-3922735FEF8D%40gmail.com. For more options, visit https://groups.google.com/d/optout.
