pi-star hardening

G1SEO · Post by **G1SEO** » Tue Mar 03, 2020 6:34 am

Is there any further hardening that is recommended before exposing pi-star to the Internet.

A simple port scan shows ports 22, 80 and 139 open (via a DMZ firewall facility on my router)

22 - ssh
80 - http
139 - netbios-ssn

Not sure why netbios appears open (unless it is not a response from pi-star and is something in the firewall?)

w7efs · Post by **w7efs** » Sat Mar 07, 2020 4:12 am

G1SEO wrote: ↑Tue Mar 03, 2020 6:34 am...
Not sure why netbios appears open (unless it is not a response from pi-star and is something in the firewall?)

It's an installed default for some arcane reason:
$ grep 139 /etc/iptables.rules
-A INPUT -p tcp -m tcp --dport 139 -j ACCEPT

Post by **MW0MWZ** » Tue Mar 10, 2020 9:33 pm

Not that arcane, its samba running to make the Pi-Star answer netbios to help windows machines find it.

forum.pistar.uk

pi-star hardening

pi-star hardening

Re: pi-star hardening

Re: pi-star hardening