Hi,
I'm thinking abot using bubba2/horde as my private mailserver but since I don't know anything about internet-security I'm kind of scared of it. Could anyone please summarize (or maybe point me to a good website for security-newbies) what I have to think on in order to not get hacked.
For example; since I'm using the bubba behind a netgear firewall/router I have to open a port in my firewall (portforwarding). Can someone access anything else on my bubba through that port? If someone accesses my bubba, can he/she then access all the computers on my network? Is so, what should I do to minimize the risks?
Thanks,
Please note the new address for this forum : forum.excito.org. The old address redirects here but I don't know for how long. Thanks !
New user's registration have been closed due to high spamming and low trafic on this forum. Please contact forum admins directly if you need an account. Thanks !
Security risks when using bubba as a mailserver?
I've been using my Bubba 1 as my private mailserver for 1.5 years now and never had any security problems. As long as your firewall is setup with only the required ports open, there is very little a hacker can do.
I do get regular attempts to do port scans and also attempts to login to Bubba by 'bots' attempting to log into SSH with a whole range of usernames, they have never succeeded though, keep a strong username/password pair is preferable.
Last year I attended an advanced internet security course and my Bubba was subjected to almost every hack known to man and it passed impressively ! Which was a lot better than some well known websites out there.
I do get regular attempts to do port scans and also attempts to login to Bubba by 'bots' attempting to log into SSH with a whole range of usernames, they have never succeeded though, keep a strong username/password pair is preferable.
Last year I attended an advanced internet security course and my Bubba was subjected to almost every hack known to man and it passed impressively ! Which was a lot better than some well known websites out there.
Thanks alot! I feel a lot more reassured now. Just two more questions;
1. When you say that it is important to have a strong username/password to you mean for the mailaccount or for the bubba. Excito set up an admin-user for me and I don't know how to change that username.
2. How do you know that your ports are being scanned and that someone is using ssh to try to log on? Is there a software I can install to check that myself?
1. When you say that it is important to have a strong username/password to you mean for the mailaccount or for the bubba. Excito set up an admin-user for me and I don't know how to change that username.
2. How do you know that your ports are being scanned and that someone is using ssh to try to log on? Is there a software I can install to check that myself?
-
fnorlander
- Posts: 3
- Joined: 27 Oct 2008, 14:25
To check if people are trying to log on to bubba using ssh:ahab wrote:Thanks alot! I feel a lot more reassured now. Just two more questions;
1. When you say that it is important to have a strong username/password to you mean for the mailaccount or for the bubba. Excito set up an admin-user for me and I don't know how to change that username.
2. How do you know that your ports are being scanned and that someone is using ssh to try to log on? Is there a software I can install to check that myself?
1. Log in to bubba using ssh.
2. At the prompt: you can issue "cat /var/log/auth.log | grep invalid" You need to be root to do this.
This checks the file auth.log for people trying to log in with non-existant users, which is common.
I think you can check the file auth.log from the web interface too, just look through it for suspicious logins, they're pretty obvious.
You can also check out http://forum.excito.net//viewtopic.php?t=1007