forum.excito.org

Hi,

I'm thinking abot using bubba2/horde as my private mailserver but since I don't know anything about internet-security I'm kind of scared of it. Could anyone please summarize (or maybe point me to a good website for security-newbies) what I have to think on in order to not get hacked.

For example; since I'm using the bubba behind a netgear firewall/router I have to open a port in my firewall (portforwarding). Can someone access anything else on my bubba through that port? If someone accesses my bubba, can he/she then access all the computers on my network? Is so, what should I do to minimize the risks?

Thanks,

I've been using my Bubba 1 as my private mailserver for 1.5 years now and never had any security problems. As long as your firewall is setup with only the required ports open, there is very little a hacker can do.

I do get regular attempts to do port scans and also attempts to login to Bubba by 'bots' attempting to log into SSH with a whole range of usernames, they have never succeeded though, keep a strong username/password pair is preferable.

Last year I attended an advanced internet security course and my Bubba was subjected to almost every hack known to man and it passed impressively ! Which was a lot better than some well known websites out there.

Thanks alot! I feel a lot more reassured now. Just two more questions;

1. When you say that it is important to have a strong username/password to you mean for the mailaccount or for the bubba. Excito set up an admin-user for me and I don't know how to change that username.

2. How do you know that your ports are being scanned and that someone is using ssh to try to log on? Is there a software I can install to check that myself?

ahab wrote:Thanks alot! I feel a lot more reassured now. Just two more questions;

1. When you say that it is important to have a strong username/password to you mean for the mailaccount or for the bubba. Excito set up an admin-user for me and I don't know how to change that username.

2. How do you know that your ports are being scanned and that someone is using ssh to try to log on? Is there a software I can install to check that myself?

To check if people are trying to log on to bubba using ssh:
1. Log in to bubba using ssh.
2. At the prompt: you can issue "cat /var/log/auth.log | grep invalid" You need to be root to do this.
This checks the file auth.log for people trying to log in with non-existant users, which is common.

I think you can check the file auth.log from the web interface too, just look through it for suspicious logins, they're pretty obvious.

Remember to connect using secure IMAP when collecting your email. The bubba itself has a nice firewall and the mail software is used widely.

You can turn all features like SSH from outside off. That is the nice thing about the bubba, for every use you can tweak it.

You can also check out http://forum.excito.net//viewtopic.php?t=1007