Security

From OESF

Security

There are several aspects to Zaurus security.

Firstly, keeping someone with physical access to it from easily getting control. Secondly, ensuring that when it's on a network, an outsider can't break into it!

Locking down local access

Set a password on the root login.

Networking

The Zaurus is a very flexible device when it comes to networking, not just 802.11 wireless networks but also bluetooth, GSM/GPRS/EDGE (and probably, soon 3G).

Remote ssh access

Ideas:

Disable password-less access via ssh?

Disable root login by sshd?

Allow only key-pair authentication?

Bluetooth

Securing bluetooth require several things, setting a good PIN (preferably more than 4 digits), hiding the device, and turning off services you don't need!

Securing Bluetooth - notes about making your Zaurus less visible. Note that just because a device is not discoverable doesn't protect it - a brute-force scan is possible to discover "hidden" bluetooth devices!

IP Firewalls

This is a big subject by itself. Most Zaurus operating systems have iptables built in (or are packaged nicely in a feed), which allows you to control inbound, outbound and forwarding of packets. Most people only really need to control inbound packets and allow everything out. A very simple script to do this looks like: