Apr 14
Checklist for securing the Asus Eee PC
Over time, even an ambitious project like the ASUS EeePC will run into first problems. Its growing userbase also means more focus from the black hat community. An important measure to keep a system healthy and secure is updating and other common linux security measures.
Here is my growing/work-in-progress checklist for making the ASUS Eee PC more secure:
- Run the "Install/Remove Software" tool and install available updates from ASUS/Xandros.or go to console and enter: "sudo apt-get update && sudo apt-get upgrade"
- Disable unused services, a good security measure on any linux like OS.
- Stupid tip 1: Choose strong passwords whenever you are asked to. Strong means have numbers and special chars in them, and longer than 8, better 12 chars
- Stupid tip 2: Try securing the system by physical isolation: switch off WLAN whenever you don't need it, use encrypted access-points, do not leave the system unattended
Closing the SAMBA hole
1. You could use an iptables ruleset to block access and close the smbd security hole, but Xandros doesn't have iptables loaded.
2. You could stop the service. Go to console and type:
/etc/init.d/portmap stop
/etc/init.d/samba stop
this will just stop the services for this session as the system is kind of frozen to keep users from messing things.
3. Another measure would be to edit /etc/hosts.deny and add a line like:
portmap:ALL
to close access to the portmap service
4. or edit
/usr/sbin/services.shto deactivate unused services
5. or just update samba (more on system updates here)
sudo apt-get update
sudo apt-get install samba
6. or remove samba altogether if you do not need it
sudo apt-get remove samba