[clug] Linux Security

[Ian Bardsley]

Hi list members

The current topic "My Windows Box got rooted" has prompted me to 
consider the potential risks associated with a project I am currently 
researching.  Naturally, I call upon the collective wisdom of these 
hallowed pages for advise, guidance and comment.

The scenario:

I have recently given my grand children who live in the Wagga area a PC 
of their own.  This PC is a linux only box (cos I didn't have a copy of 
windows to give them and I figure exposing them to alternatives is a 
healthy approach). It sits as part of a small home network sharing with 
Windows XP  and a Printer connected to to the Windows box.  All this 
works well and both file and printer sharing are working.

As I'm sure that at some point they are going to break something with 
this system, I have been researching how to set this box up to allow SSH 
over the internet through which I plan to tunnel VNC (I hope) in the 
hope that I may be able to fix up damage if it occurs without driving to 
Wagga.

My research has revealed that for all this to happen, Port 22 needs Port 
Forwarding enabled.  Fine...I now know how to set this up within their 
router but the process is not a simple one and ideally should be left 
open for the Wagga family's sake ( not strong on the finer points of 
computing at this stage).  So now I am thinking how do I make this 
system as secure as possible.  Will a software firewall close the gap?  
What happens if they manage to break the system to the point where it 
may be impossible to operate a software firewall  and a host of other 
points that I haven't thought through yet.

So  any comments, advise, guidance would be most welcome as I am on a 
fairly steep learning curve with this.

My thanks in advance for your help

Regards to all


Ian Bardsley