On 9/1/05, Justin Hornsby <[EMAIL PROTECTED]> wrote: > Frank Lynch wrote: > > Hi Folks, > > I'm really starting to like my MythTV box, this is a great project! > > In case its relevant I'm running myth 18.1 on Fedora Core 4. > > > > I'd like to be able to access mythweb from the public Internet (so > > that I can schedule recordings when I'm not at home etc..). With this > > in mind I cretaed an account with dyndns.org, and configured port > > forwarding on my router. > > > > I'm guessing that my next step should be to harden my Apache > > configuration? should I enable https? are there any other precautions > > that I should be taking? The last thing I want is some dirty hacker > > having their evil-way with my mythbox! > > > > If this covered in a howto or some other doc I'd appreciate a pointer. > > I searched, but I couldn't find anything that covers this specific > > topic... I saw the article on tunnelling through ssh[1], but I'd > > rather have a solution that my wife could use (she can certainly use a > > https site with a user name/password, but its a bit much to ask her to > > tunnel over ssh). > > > > thanks, > > --Frank > > I use just standard apache2 - no https... but the password is apparently > random chars, so no script kid is gonna get to it without really trying > hard. > > You can change the port apache runs on, but then that might make > accessing it from work a problem (depending on your workplace's > proxy/firewall etc). > > I get the occasional hack attempt, but so far the worst that has > happenned is a DoS (ping of death?) attack which crashed my router. > > I'm sure there will be people who'll say what I'm doing isn't secure > enough, and I agree it's not the most secure way to do things - but it > works for me, and has done for a long time. I know the risks... > > I look in the logs every week, and from what I've seen in there the > majority of accesses from random IP addresses seem to just be > botnets/kids looking for easy exploits. > > It'll be interesting to see what everyone else does though ;-) > > Justin.
Thanks Justin, I just found a howto on this: http://www.mythtv.info/moin.cgi/SecuringMythWebHowTo?action=highlight&value=CategoryHowTo It sounds like a very similar approach to yours... I think I'll give this a try tonight. cheers, --Frank _______________________________________________ mythtv-users mailing list [email protected] http://mythtv.org/cgi-bin/mailman/listinfo/mythtv-users
