VEHPI-29: Security Hardening



Issue Information

Issue Type: Task
 
Priority: Major
Status: In Progress

Reported By:
Ben Tasker
Assigned To:
Ben Tasker
Project: VehManPi (VEHPI)
Resolution: Unresolved
Target version: 1.0,

Created: 2013-12-26 20:40:14
Time Spent Working


Description
As the system may well connect to unknown networks (if they're open), need to ensure it's hardened against anyone who might try and take a peek at what it does (or tamper with it's operation).

The obvious first step being an audit of open ports, and forcing the user to change default passwords when running the installer


Toggle State Changes

Activity


btasker changed status from 'Open' to 'In Progress'
Open ports are;


pi@VehManPi ~/VehManPi $ netstat -a | egrep 'Proto|LISTEN'
Proto Recv-Q Send-Q Local Address Foreign Address State
tcp 0 0 localhost:gpsd :* LISTEN
tcp 0 0 *:ssh *:
LISTEN
Proto RefCnt Flags Type State I-Node Path
unix 2 [ ACC ] STREAM LISTENING 2755 /var/run/dbus/system_bus_socket
unix 2 [ ACC ] STREAM LISTENING 1255 /var/run/gpsd.sock
unix 2 [ ACC ] SEQPACKET LISTENING 503 /run/udev/control