I found this article on making a Raspberry Pi more secure. Since this little thing is used here a lot and I know some people care about the security of their home network I thought this might be of interest to some:
*Not for beginners I think…
Thanks for sharing. I do have a comment/question. Wouldn’t Raspberry Pi security only be a concern if you are opening it up to the Web via opening a port on your router?
SInce most of us here are using our Pi’s as Roon enpoints, we would not be opening up our Pi’s as an entry point into our networks.
If someone got onto our network some other way, well, we will likely have bigger problems!
Yes, agreed. On it’s own there is very little risk I think. I certainly don’t want to scare people…
But security attacks are usually a number of carefully crafted steps that bring an attacker closer to it’s goal and several conditions need to be met to get there.
It’s kind of like prison break. Each time you get though a door there is another one and locking all doors is good in this case. Leaving a door open is like a present for an attacker.
As I said, on our home networks, there is not so much risk.
But some (security) people are worried about the ever increasing number of IoT devices and the sometimes lack of proper security testing of these.
If you put a RPI on your company network to play music I would be a little more worried than on my home network where I just keep my family pictures, movies and music
Bruce Schneier, whose view on security I respect a great deal, had this to say: https://www.schneier.com/blog/archives/2017/09/securing_a_rasp.html
I’m sort of with him, and it’s particularly hard to work out what happens with thin versions, like @dietpi that I’m running!
I do have to add that RPis are not my first worry from a security standpoint!
I recall @danny saying something about this, along the lines of (not his exact words but overall gist): if someone got into your home network, then you are already screwed - regarding password protection your Pi.
That made good sense to me.
The biggest issue is that these methods are the basics of getting in.
There exist numerous exploitable issues that are not something you can “fix”, and that the vendors of the software themselves are not aware of. And let’s totally just ignore all the actual backdoors everywhere…
Secure your home from the outside… don’t let strangers in. If you are worried about this stuff, then stop installing IoT home automation stuff that goes out to cloud services as well.
Yes please. Especially on a Friday heading into the weekend.