Security
From OESF
(revert spam) |
|||
(One intermediate revision not shown.) | |||
Current revision
Security
There are several aspects to Zaurus security.
Firstly, keeping someone with physical access to it from easily getting control. Secondly, ensuring that when it's on a network, an outsider can't break into it!
Locking down local access
Set a password on the root login.
Networking
The Zaurus is a very flexible device when it comes to networking, not just 802.11 wireless networks but also bluetooth, GSM/GPRS/EDGE (and probably, soon 3G).
Remote ssh access
Ideas:
Disable password-less access via ssh?
Disable root login by sshd?
Allow only key-pair authentication?
Bluetooth
Securing bluetooth require several things, setting a good PIN (preferably more than 4 digits), hiding the device, and turning off services you don't need!
Securing Bluetooth - notes about making your Zaurus less visible. Note that just because a device is not discoverable doesn't protect it - a brute-force scan is possible to discover "hidden" bluetooth devices!
IP Firewalls
This is a big subject by itself. Most Zaurus operating systems have iptables built in (or are packaged nicely in a feed), which allows you to control inbound, outbound and forwarding of packets. Most people only really need to control inbound packets and allow everything out. A very simple script to do this looks like:
