Scheduled Maintenance: We are aware of an issue with Google, AOL, and Yahoo services as email providers which are blocking new registrations. We are trying to fix the issue and we have several internal and external support tickets in process to resolve the issue. Please see: viewtopic.php?t=158230

 

 

 

Security of net install?

Ask for help with issues regarding the Installations of the Debian O/S.
Post Reply
Message
Author
caerolle
Posts: 4
Joined: 2017-02-24 04:15
Location: USA

Security of net install?

#1 Post by caerolle »

Hi, not sure where to ask this, going to try here.

I have done a net install, as that seems to be a good way to get a minimal system. I have done net installs in the past, and always worried about exposure of my system during the install. I have spent a fair amount of time digging about in the Debian pages, and the only thing I have found was the advice in the Securing Debian wiki to (if I understand correctly) NOT do a net install (essentially to not connect to the internets until the install is complete and security is in place). OTOH, the net install (minimal CD seems to kind of be recommended?

Immediately on the install stopping I installed ufw and enabled and configured it, and also installed rkhunter and chkrootkit and ran those. Anything else I should do?

Thoughts? Suggestions? Advice?

Thanks!

Carol :)

Bulkley
Posts: 6383
Joined: 2006-02-11 18:35
Has thanked: 2 times
Been thanked: 39 times

Re: Security of net install?

#2 Post by Bulkley »

Sure. Choose the maximum security setting for your router/modem firewall.

caerolle
Posts: 4
Joined: 2017-02-24 04:15
Location: USA

Re: Security of net install?

#3 Post by caerolle »

Thanks! I am ashamed to admit it, but I avoid messing with the router, the interface on those things is horrid. I really need to download something other than the firmware that came on it, too.

Carol :)

Segfault
Posts: 993
Joined: 2005-09-24 12:24
Has thanked: 5 times
Been thanked: 17 times

Re: Security of net install?

#4 Post by Segfault »

I do not see how someone could install a rootkit during install, you are behind NAT router and you are not offering any publicly accessible services in your box you are installing to. The only way to get hacked during netinstall is if your router is owned and the DNS resolves into a fake Debian domain letting you install tampered deb packages.

caerolle
Posts: 4
Joined: 2017-02-24 04:15
Location: USA

Re: Security of net install?

#5 Post by caerolle »

Thanks, Segfault! :)

I am actually behind a couple of routers: I have ATT uVerse, so have hopefully some protection from their modem, then have a good router plugged into that which feeds everything (with a strong password), and provides my wireless (I don't use ATT's wireless). My computer is directly wired to the model, so no worries about wireless wrt it.

My worry was less about getting bad packages than having something get in and install before I got the firewall up. I didn't install SSH or any server stuff, so I would think that should cut down on the risk that exists between the time I have a working system and when I got the firewall up.

Segfault
Posts: 993
Joined: 2005-09-24 12:24
Has thanked: 5 times
Been thanked: 17 times

Re: Security of net install?

#6 Post by Segfault »

I've never used firewall behind NAT. Are you doing double NAT? Won't do any good. I had a modem setup once, I put it in bridge mode so I could manage my own network in my own router. The other option would be using NAT provided by modem and use a network switch for wired and an access point for wireless, if required.

caerolle
Posts: 4
Joined: 2017-02-24 04:15
Location: USA

Re: Security of net install?

#7 Post by caerolle »

Ah, ok, thanks! I seriously need to learn more about the network stuff… :oops:

Post Reply