Page 1 of 1

pi-star hardening

Posted: Tue Mar 03, 2020 6:34 am
by G1SEO
Is there any further hardening that is recommended before exposing pi-star to the Internet.

A simple port scan shows ports 22, 80 and 139 open (via a DMZ firewall facility on my router)

22 - ssh
80 - http
139 - netbios-ssn

Not sure why netbios appears open (unless it is not a response from pi-star and is something in the firewall?)

Re: pi-star hardening

Posted: Sat Mar 07, 2020 4:12 am
by w7efs
G1SEO wrote:
Tue Mar 03, 2020 6:34 am
...
Not sure why netbios appears open (unless it is not a response from pi-star and is something in the firewall?)
It's an installed default for some arcane reason:
$ grep 139 /etc/iptables.rules
-A INPUT -p tcp -m tcp --dport 139 -j ACCEPT

Re: pi-star hardening

Posted: Tue Mar 10, 2020 9:33 pm
by MW0MWZ
Not that arcane, its samba running to make the Pi-Star answer netbios to help windows machines find it.