Re: Dangerous updates?
Posted: Fri Mar 15, 2019 2:26 pm
I must add that the Speck cipher by the NSA in the current Linux kernels was not shown to have a backdoor. I'm sorry to have misled. OTOH, as I mentioned, a previous cipher from a government agency did have a backdoor, so the reputation is not very good. Also, Speck will seemingly be dropped in kernel 4.20, not because of the NSA's bad reputation but because Google has decided to drop its use for Android.
Now, if you want to secure your box just a little bit more, look at the networked processes that are running and look at the firewall.
For instance, running as root:
% netstat -ntulp
I get the following networked processes, and only those (I have no printer connected):
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name
tcp 0 0 0.0.0.0:80 0.0.0.0:* LISTEN 1285/lighttpd
tcp 0 0 127.0.0.53:53 0.0.0.0:* LISTEN 998/systemd-resolve
tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN 1258/sshd
tcp6 0 0 :::22 :::* LISTEN 1258/sshd
udp 0 0 127.0.0.53:53 0.0.0.0:* 998/systemd-resolve
udp 0 0 0.0.0.0:68 0.0.0.0:* 1460/dhclient
(lighttpd and sshd do not get any incoming requests from outside)
For starters, why would you need rpcbind and NFS-related processes running when you do not use NFS?
Then a basic firewall (if none was installed by the distro) should be good. To check your firewall, as root (w/o the mangle table):
% iptables -nvL
The output here would be way too long and not so important to post here.
To check if there's anything in the NAT dept.:
% iptables -t nat -L
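One way to read the netstat listing above, as an added example that is not part of the original post: the hypothetical shell function `exposed_listeners` keeps only the sockets bound to a non-loopback address, which are the ones the firewall rules need to account for. The sample input reuses the listing from the post plus one constructed rpcbind row.

```shell
#!/bin/sh
# Added example (not from the original post): filter `netstat -ntulp`
# output down to the sockets other hosts can reach.

# Reads netstat -ntulp output on stdin and prints "proto address port program"
# for every listener that is NOT bound to loopback (127.0.0.0/8 or ::1).
exposed_listeners() {
    awk '
    $1 ~ /^(tcp|udp)6?$/ {
        # TCP rows carry a State column: keep LISTEN only. UDP rows have none.
        if ($1 ~ /^tcp/ && $6 != "LISTEN") next
        # Split Local Address at the last colon so ":::22" gives "::" and "22".
        if (!match($4, /:[0-9]+$/)) next
        addr = substr($4, 1, RSTART - 1)
        port = substr($4, RSTART + 1)
        if (addr ~ /^127\./ || addr == "::1") next
        # Last column is PID/Program name ("-" when not run as root).
        prog = $NF
        sub(/^[0-9]+\//, "", prog)
        print $1, addr, port, prog
    }'
}

# Sample input: the listing quoted in the post, plus one constructed rpcbind
# row (PID 812 is made up) to show the kind of service the post questions.
sample_netstat() {
    cat <<'EOF'
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name
tcp 0 0 0.0.0.0:80 0.0.0.0:* LISTEN 1285/lighttpd
tcp 0 0 127.0.0.53:53 0.0.0.0:* LISTEN 998/systemd-resolve
tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN 1258/sshd
tcp6 0 0 :::22 :::* LISTEN 1258/sshd
udp 0 0 127.0.0.53:53 0.0.0.0:* 998/systemd-resolve
udp 0 0 0.0.0.0:68 0.0.0.0:* 1460/dhclient
tcp 0 0 0.0.0.0:111 0.0.0.0:* LISTEN 812/rpcbind
EOF
}

# Demo on the sample; on a real box run: netstat -ntulp | exposed_listeners
sample_netstat | exposed_listeners
```

Every row it prints should either be a service you actually use or be stopped, and each remaining one should be matched against what `iptables -nvL` allows in.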