First, encrypting drives in Linux with LUKS on Void PPC:
Wikipedia wrote:
The Linux Unified Key Setup (LUKS) is a disk encryption specification created by Clemens Fruhwirth in 2004 and was originally intended for Linux.
While most disk encryption software implements different, incompatible, and undocumented formats[citation needed], LUKS implements a platform-independent standard on-disk format for use in various tools.
LUKS is used to encrypt a block device. The contents of the encrypted device are arbitrary, and therefore any filesystem can be encrypted, including swap partitions. There is an unencrypted header at the beginning of an encrypted volume, which allows up to 8 (LUKS1) or 32 (LUKS2) encryption keys to be stored along with encryption parameters such as cipher type and key size.
The presence of this header is a major difference between LUKS and plain dm-crypt, since the header allows multiple different passphrases to be used, with the ability to change and remove them with ease. However, if the header is lost or corrupted, the device will no longer be decryptable.
The MATE PowerPC Remix has a poor result due to its age. (Severity: High - a lot of security problems)
Void PPC 20230317 has good results during the first tests. (Severity: Low)
Then I opened the Telnet port, installed an Apache web server and a Samba server.
The result was not as good as the first tests because of the open Telnet port and enabled Apache debugging methods. (Severity: Medium)
I have received a few times from my internet operator an alert stating that some of my hw would show a problem named "Open DNS server", which can be used for attacks. I suspect it is caused by a router as these alerts appeared only after I started to use it.
But is there ANY possibility that the problem would be caused by a computer connected to the router (NO windows machines here, only Linux, AmigaOS and MOS are used!)? Is it possible that Linux could be attacked via ethernet connection and used as an 'open DNS server'? Which changes should you see in the system in that case? It is 100% sure that no one has been able to access my machines physically.
xeno74 wrote: ↑Sun Mar 26, 2023 11:46 am
I think it is the router. You can check it with nmap -sT -sU -p- -T 5<IP address>.
This scan takes a long time but everything will be checked then.
Thanks for the tip! Do you have to input the LAN or WAN IP address of the router? They are different.
Fienix does not seem to have nmap in it's depots. I wonder why...? MintPPC has but it needs some additional libs etc. to work. Do you know whether installing those will effect VLC? I do not want to handicap VLC's functionality, by installing anything which will bring the "QT problem" with menus!
Roland wrote: ↑Wed Mar 29, 2023 2:46 pm
Fienix does not seem to have nmap in it's depots. I wonder why...? MintPPC has but it needs some additional libs etc. to work. Do you know whether installing those will effect VLC? I do not want to handicap VLC's functionality, by installing anything which will bring the "QT problem" with menus!
I've added nmap and nmapsi4 to the Fienix 6.0 (Evo-Testing) repo. I do at least very basic testing on all packages in Fienix (at least make sure the app opens and doesn't segfault), so if something is missing it's likely just because I haven't used/tested it yet.
-Casey