VEHPI-29: Security Hardening

Issue Information

Issue Type: Task
Priority: Major
Status: In Progress

Reported By:
Ben Tasker
Assigned To:
Ben Tasker
Project: VehManPi (VEHPI)
Resolution: Unresolved
Target version: 1.0,

Created: 2013-12-26 20:40:14
Time Spent Working

As the system may well connect to unknown networks (if they're open), need to ensure it's hardened against anyone who might try and take a peek at what it does (or tamper with it's operation).

The obvious first step being an audit of open ports, and forcing the user to change default passwords when running the installer

Toggle State Changes


btasker changed status from 'Open' to 'In Progress'
Open ports are;

pi@VehManPi ~/VehManPi $ netstat -a | egrep 'Proto|LISTEN'
Proto Recv-Q Send-Q Local Address Foreign Address State
tcp 0 0 localhost:gpsd :* LISTEN
tcp 0 0 *:ssh *:
Proto RefCnt Flags Type State I-Node Path
unix 2 [ ACC ] STREAM LISTENING 2755 /var/run/dbus/system_bus_socket
unix 2 [ ACC ] STREAM LISTENING 1255 /var/run/gpsd.sock
unix 2 [ ACC ] SEQPACKET LISTENING 503 /run/udev/control