Lets assume I've got a PC sitting on a standard home network behind a router and I've just done a fresh install of Ubuntu. I want to install Ubuntu Center, but I want to make sure I'm secure and I'm not really sure what to do. What tips can you suggest?


I'll get the ball rolling with a couple of simple ones:

- Even though I don't have a static IP address, I can reach my home router by registering with a dynamic DNS service (such as http://www.dyndns.com/) and using a simple web address.

- I need to open up ports on my router and point them to the IP address of my Ubuntu Center box... However, I don't know which ports (I assume port 80 as it's http, anything else?). Will changing the ports make it more secure?

- I'm going to use a nice secure alpha-numeric password to make it difficult to guess it!...

And some questions...

- If I'm opening ports to the outside world, is it bad that I'm running network shares between my home machines that don't require username and password (my pictures and music are actually stored on another Linux box and mounted automatically in fstab)? What other vulnerabilities might my other machines have because I've opened up ports and allowing remote access to a machine on my network?

- What avenues of attack are there to Ubuntu Center and what can I do to minimise them? What stupid things mustn’t I do?

Lets assume I've got a PC sitting on a standard home network behind a router and I've just done a fresh install of Ubuntu. I want to install Ubuntu Center, but I want to make sure I'm secure and I'm not really sure what to do. What tips can you suggest?


I'll get the ball rolling with a couple of simple ones:

- Even though I don't have a static IP address, I can reach my home router by registering with a dynamic DNS service (such as http://www.dyndns.com/) and using a simple web address.

- I need to open up ports on my router and point them to the IP address of my Ubuntu Center box... However, I don't know which ports (I assume port 80 as it's http, anything else?). Will changing the ports make it more secure?

- I'm going to use a nice secure alpha-numeric password to make it difficult to guess it!...

And some questions...

- If I'm opening ports to the outside world, is it bad that I'm running network shares between my home machines that don't require username and password (my pictures and music are actually stored on another Linux box and mounted automatically in fstab)? What other vulnerabilities might my other machines have because I've opened up ports and allowing remote access to a machine on my network?

- What avenues of attack are there to Ubuntu Center and what can I do to minimise them? What stupid things mustn’t I do?

The only port that needs to be forwarded is 80, make sure you use a strong password.

If your password is guessed the worst thing that could happen is the possibility of having your files deleted, you might want to set the music folder so the webserver can only read, not write. It is releativly secure as long as you set a decent password though. As for your home network shares should be fine as long as you only forward port 80. Those are about the only tips I have.

When I recently installed everything, I noticed that by default the root password in mysql is blank. You might want to change that or make sure you set it up with a password.

When I recently installed everything, I noticed that by default the root password in mysql is blank. You might want to change that or make sure you set it up with a password.

On the installation instructions I have instructions on howto set a password for your mysql user