Raspberry PI (and/or IOT in general) and Security
Raspberry PI (and/or IOT in general) and Security
(OP)
About the time I began considering playing with Raspberry Pi boxes, I begin seeing various articles come out about all sorts of security threats for Raspberry Pi.
Are there any generally fool-proof methods of securing these devices when connected to the Internet?
Some ideas I'd like to eventually at least test with using Raspberry Pi are:
Setting up a Home Media Center using Raspberry Pi instead of Windows or Linux - may never bother, but it's a thought. (I am concerned the hardware will not be truly capable enough for HD video.)
Possibly building something to eventually tie together a few security cameras at home.
Methods to monitor temperatures in a server room, and have it send alerts.
Methods to monitor lab equipment for certain events
Methods to monitor UPS units for certain events
I have other ideas I think of every now and then as well, but those are some examples. And with anything, I'm concerned about security.
So are there things I can do to protect such a box? Antivirus/firewall software, various settings, anything?
Thanks for any thoughts.
Are there any generally fool-proof methods of securing these devices when connected to the Internet?
Some ideas I'd like to eventually at least test with using Raspberry Pi are:
Setting up a Home Media Center using Raspberry Pi instead of Windows or Linux - may never bother, but it's a thought. (I am concerned the hardware will not be truly capable enough for HD video.)
Possibly building something to eventually tie together a few security cameras at home.
Methods to monitor temperatures in a server room, and have it send alerts.
Methods to monitor lab equipment for certain events
Methods to monitor UPS units for certain events
I have other ideas I think of every now and then as well, but those are some examples. And with anything, I'm concerned about security.
So are there things I can do to protect such a box? Antivirus/firewall software, various settings, anything?
Thanks for any thoughts.
"But thanks be to God, which giveth us the victory through our Lord Jesus Christ." 1 Corinthians 15:57
RE: Raspberry PI (and/or IOT in general) and Security
CODE
The Raspberry Pi 3 definitely is.
No, but if your router has a stateful packet inspection firewall (SPI) and you ONLY open and forward the necessary listening ports to your LAN IPs and route "well known" exploit ports to 'nowhere', you minimise the 'risk' factor.
I have half a dozen Pis running as;
Local DNS cache.
A 'media' box (Pi3 over HDMI) does 1080p via a HDMI switch and a video/audio splitter.
A Pi 2 as MP3/Flac/Ogg Vorbis player (mplayer hooked up to a 4Tb HD with preset playlists)
An original PI (with a DAC to reduce/remove processor noise) playing Planet Rock's MP3 stream pretty much all day.
A Pi 3 running Deluge with several hundred torrents such as Linux Distros plus other open source stuff and legitimate free material.
A Pi 2 running Apache with a couple of personal websites and local mail server installed.
All of them have SSH enabled as I control them from my Linux Mint desktop machine. The only 'Windows' in my flat are the ones I look out of to see what the weather is like.
Plus I have a static external IP and employ nothing more complex than my router SPI firewall.
Chris.
Indifference will be the downfall of mankind, but who cares?
Time flies like an arrow, however, fruit flies like a banana.
Never mind this jesus character, stars had to die for me to live.
RE: Raspberry PI (and/or IOT in general) and Security
"But thanks be to God, which giveth us the victory through our Lord Jesus Christ." 1 Corinthians 15:57