pi-star hardening

All IP networking related issues
Post Reply
G1SEO
Posts: 1
Joined: Mon Feb 24, 2020 11:56 am

pi-star hardening

Post by G1SEO » Tue Mar 03, 2020 6:34 am

Is there any further hardening that is recommended before exposing pi-star to the Internet.

A simple port scan shows ports 22, 80 and 139 open (via a DMZ firewall facility on my router)

22 - ssh
80 - http
139 - netbios-ssn

Not sure why netbios appears open (unless it is not a response from pi-star and is something in the firewall?)

User avatar
w7efs
Posts: 332
Joined: Sun Apr 22, 2018 4:26 pm

Re: pi-star hardening

Post by w7efs » Sat Mar 07, 2020 4:12 am

G1SEO wrote:
Tue Mar 03, 2020 6:34 am
...
Not sure why netbios appears open (unless it is not a response from pi-star and is something in the firewall?)
It's an installed default for some arcane reason:
$ grep 139 /etc/iptables.rules
-A INPUT -p tcp -m tcp --dport 139 -j ACCEPT

User avatar
MW0MWZ
Site Admin
Posts: 1074
Joined: Wed Apr 04, 2018 9:15 pm
Location: Wales, UK
Contact:

Re: pi-star hardening

Post by MW0MWZ » Tue Mar 10, 2020 9:33 pm

Not that arcane, its samba running to make the Pi-Star answer netbios to help windows machines find it.
Andy

73 de MW0MWZ
http://pistar.uk

Post Reply