Linux Security

AmigaOne X5000 platform specific issues related to Linux only.
xeno74
Posts: 9320
Joined: Fri Mar 23, 2012 7:58 am

Linux Security

Post by xeno74 »

Hi All,

This is our security thread. :-)

First, encrypting drives in Linux with LUKS on Void PPC:

Wikipedia wrote: The Linux Unified Key Setup (LUKS) is a disk encryption specification created by Clemens Fruhwirth in 2004 and was originally intended for Linux.

While most disk encryption software implements different, incompatible, and undocumented formats[citation needed], LUKS implements a platform-independent standard on-disk format for use in various tools.
LUKS is used to encrypt a block device. The contents of the encrypted device are arbitrary, and therefore any filesystem can be encrypted, including swap partitions. There is an unencrypted header at the beginning of an encrypted volume, which allows up to 8 (LUKS1) or 32 (LUKS2) encryption keys to be stored along with encryption parameters such as cipher type and key size.

The presence of this header is a major difference between LUKS and plain dm-crypt, since the header allows multiple different passphrases to be used, with the ability to change and remove them with ease. However, if the header is lost or corrupted, the device will no longer be decryptable.
Further information: Linux_Unified_Key_Setup -- wikipedia.org

Cheers,
Christian
http://www.amigalinux.org
http://www.supertuxkart-amiga.de

Running Linux on AmigaONEs can require some tinkering.
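Added example (not part of the original post and not code from cryptsetup): a small parser for the unencrypted LUKS1 header described in the quote above, showing what anyone holding the disk can read without a passphrase and how a damaged header is detected. The sample header is constructed for this example; the field layout is the LUKS1 on-disk format.

```python
import struct

LUKS_MAGIC = b"LUKS\xba\xbe"
SLOT_ENABLED, SLOT_DISABLED = 0x00AC71F3, 0x0000DEAD
# LUKS1 on-disk layout (big-endian): 208-byte header + 8 key slots of 48 bytes
HEADER = struct.Struct(">6sH32s32s32sII20s32sI40s")
KEYSLOT = struct.Struct(">II32sII")  # state, iterations, salt, offset, stripes


def _text(raw):
    """Decode a NUL-padded ASCII field."""
    return raw.split(b"\0", 1)[0].decode("ascii", "replace")


def parse_luks1_header(blob):
    """Return the plaintext metadata stored in a LUKS1 header."""
    if len(blob) < HEADER.size + 8 * KEYSLOT.size:
        raise ValueError("too short for a LUKS1 header")
    (magic, version, cipher, mode, hash_spec, payload_offset, key_bytes,
     _digest, _salt, _mk_iter, uuid) = HEADER.unpack_from(blob, 0)
    if magic != LUKS_MAGIC:
        raise ValueError("no LUKS magic: header missing or corrupted")
    if version != 1:
        raise ValueError(f"LUKS version {version} is not handled here")
    slots = []
    for i in range(8):
        state, iters, _s, offset, stripes = KEYSLOT.unpack_from(
            blob, HEADER.size + i * KEYSLOT.size)
        if state not in (SLOT_ENABLED, SLOT_DISABLED):
            raise ValueError(f"key slot {i} has an invalid state marker")
        slots.append({"slot": i, "enabled": state == SLOT_ENABLED,
                      "iterations": iters, "offset_sectors": offset, "stripes": stripes})
    return {"cipher": f"{_text(cipher)}-{_text(mode)}", "hash": _text(hash_spec),
            "key_bits": key_bytes * 8, "payload_offset_sectors": payload_offset,
            "uuid": _text(uuid), "slots": slots}


def sample_header():
    """Constructed header: aes-xts-plain64, 512-bit key, slots 0 and 2 in use."""
    hdr = HEADER.pack(LUKS_MAGIC, 1, b"aes", b"xts-plain64", b"sha256", 4096, 64,
                      bytes(20), bytes(32), 100000, b"00000000-0000-4000-8000-000000000000")
    for i in range(8):
        state = SLOT_ENABLED if i in (0, 2) else SLOT_DISABLED
        hdr += KEYSLOT.pack(state, 200000, bytes(32), 8 + i * 504, 4000)
    return hdr


if __name__ == "__main__":
    info = parse_luks1_header(sample_header())
    print(info["cipher"], info["key_bits"], [s["slot"] for s in info["slots"] if s["enabled"]])
```

On a real LUKS1 volume, `cryptsetup luksDump` prints the same fields, and `cryptsetup luksHeaderBackup` saves a copy of the header in case it is lost or corrupted.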
xeno74
Posts: 9320
Joined: Fri Mar 23, 2012 7:58 am

Re: Linux Security

Post by xeno74 »

Hello all,

I have scanned the MATE PowerPC Remix 2017 0.9.1 and Void PPC 20230317 with Greenbone Security Scanner and with Legion.

The MATE PowerPC Remix has a poor result due to its age. (Severity: High - a lot of security problems)

Void PPC 20230317 has good results during the first tests. (Severity: Low)

Then I opened the Telnet port, installed an Apache web server and a Samba server.
The result was not as good as the first tests because of the open Telnet port and enabled Apache debugging methods. (Severity: Medium)

See screenshot for more information.

Image

Cheers,
Christian
http://www.amigalinux.org
http://www.supertuxkart-amiga.de

Running Linux on AmigaONEs can require some tinkering.
Roland
Posts: 824
Joined: Tue May 02, 2017 7:23 am

Re: Linux Security

Post by Roland »

I have received a few times from my internet operator an alert stating that some of my hw would show a problem named "Open DNS server", which can be used for attacks. I suspect it is caused by a router as these alerts appeared only after I started to use it.

But is there ANY possibility that the problem would be caused by a computer connected to the router (NO windows machines here, only Linux, AmigaOS and MOS are used!)? Is it possible that Linux could be attacked via ethernet connection and used as an 'open DNS server'? Which changes should you see in the system in that case? It is 100% sure that no one has been able to access my machines physically.
- Roland -
xeno74
Posts: 9320
Joined: Fri Mar 23, 2012 7:58 am

Re: Linux Security

Post by xeno74 »

Hi Roland,

I think it is the router. You can check it with nmap -sT -sU -p- -T5 <IP address>.

This scan takes a long time but everything will be checked then.

Cheers,
Christian
http://www.amigalinux.org
http://www.supertuxkart-amiga.de

Running Linux on AmigaONEs can require some tinkering.
Roland
Posts: 824
Joined: Tue May 02, 2017 7:23 am

Re: Linux Security

Post by Roland »

xeno74 wrote: Sun Mar 26, 2023 11:46 am
I think it is the router. You can check it with nmap -sT -sU -p- -T5 <IP address>.

This scan takes a long time but everything will be checked then.
Thanks for the tip! Do you have to input the LAN or WAN IP address of the router? They are different.

Fienix does not seem to have nmap in its depots. I wonder why...? MintPPC has but it needs some additional libs etc. to work. Do you know whether installing those will affect VLC? I do not want to handicap VLC's functionality, by installing anything which will bring the "QT problem" with menus!
- Roland -
caseycullen
Posts: 519
Joined: Sat Dec 17, 2016 7:12 am
Location: Madison, WI USA

Re: Linux Security

Post by caseycullen »

Roland wrote: Wed Mar 29, 2023 2:46 pm Fienix does not seem to have nmap in its depots. I wonder why...? MintPPC has but it needs some additional libs etc. to work. Do you know whether installing those will affect VLC? I do not want to handicap VLC's functionality, by installing anything which will bring the "QT problem" with menus!
I've added nmap and nmapsi4 to the Fienix 6.0 (Evo-Testing) repo. I do at least very basic testing on all packages in Fienix (at least make sure the app opens and doesn't segfault), so if something is missing it's likely just because I haven't used/tested it yet.
-Casey
xeno74
Posts: 9320
Joined: Fri Mar 23, 2012 7:58 am

Re: Linux Security

Post by xeno74 »

Roland wrote: Wed Mar 29, 2023 2:46 pm Thanks for the tip! Do you have to input the LAN or WAN IP address of the router?
The WAN IP address.
http://www.amigalinux.org
http://www.supertuxkart-amiga.de

Running Linux on AmigaONEs can require some tinkering.
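Added example (not part of the thread and not from any poster): a targeted check for the "Open DNS server" condition discussed above, as a quicker complement to the full nmap scan. It assumes the ISP alert refers to an open recursive resolver on UDP port 53; the function names and the sample reply are constructed for this example.

```python
import socket
import struct


def build_query(name, txid=0x1234):
    """DNS query for an A record with the RD (recursion desired) bit set."""
    header = struct.pack(">HHHHHH", txid, 0x0100, 1, 0, 0, 0)
    labels = b"".join(bytes([len(p)]) + p.encode("ascii") for p in name.strip(".").split("."))
    return header + labels + b"\0" + struct.pack(">HH", 1, 1)  # QTYPE=A, QCLASS=IN


def classify_response(reply, txid=0x1234):
    """Classify a reply to build_query() from its 12-byte DNS header."""
    if reply is None:
        return "no-reply"            # port filtered or nothing listening
    if len(reply) < 12:
        return "malformed"
    rid, flags, _qd, ancount, _ns, _ar = struct.unpack(">HHHHHH", reply[:12])
    if rid != txid or not flags & 0x8000:   # wrong ID or QR (response) bit clear
        return "malformed"
    rcode = flags & 0x000F
    if rcode == 5:
        return "refused"             # resolver declines queries from this source
    if flags & 0x0080 and rcode == 0 and ancount > 0:   # RA set, NOERROR, answers
        return "open-resolver"
    return "responds-without-recursive-answer"


def probe(ip, name="example.com", timeout=3.0):
    """Send one recursive query over UDP port 53 and classify the outcome."""
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as s:
        s.settimeout(timeout)
        try:
            s.sendto(build_query(name), (ip, 53))
            reply, _ = s.recvfrom(4096)
        except OSError:              # timeout, ICMP port unreachable, no route
            reply = None
    return classify_response(reply)


if __name__ == "__main__":
    # Constructed reply header: QR+RD+RA set, NOERROR, one answer record
    open_reply = struct.pack(">HHHHHH", 0x1234, 0x8180, 1, 1, 0, 0)
    print(classify_response(open_reply))
```

To check your own router, call `probe()` with its WAN IP address from a machine outside the LAN, since a query sent from inside may be answered by the LAN-side resolver instead.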