Telcar Posted June 26, 2019 Share Posted June 26, 2019 (edited) With Ubuntu and other distros becoming more popular and android taking over the market Linux isn't as secure as it use to be. Pretty soon will have to run standard AV software on Linux desktops. My question is what general security stuff can i do to secure and lock down unraid? How should i login to unraid? Alot of nas type os recommend you disable root login and do everything from different user. Should system shares and others be made under root or a user? What about telnet and ssh of other protocals i mite not be awear of, what has to be enabled for unraid to work right with no hassle? What other things do i need to worry about with security or what other things can i do to inprove security? Im reduilding my whole database on unraid i just want to make sure its secure as possible. Also i just wanted th throw this in here im a question asker some fourms like that some dont. I search a search for stuff but alot of times i cant find the answers im looking for. I know y'all get tired of answering the same stupid questions that get asked over and over and i try not to ask those if i can help it. So if i bother yall with questions don't be scared to let me know you want hurt my feelings none, im still going to use unraid. I can keep questions to only the most important if i need to. Edited June 27, 2019 by Telcar Quote Link to comment
Squid Posted June 26, 2019 Share Posted June 26, 2019 1 minute ago, Telcar said: Pretty soon will have to run standard AV software on Linux desktops. 2 minutes ago, Telcar said: How should i login to unraid? Alot of nas type os recommend you disable root login and do everything from different user. Root is the only way to login to the console / webUI on unRaid. 3 minutes ago, Telcar said: Should system shares and others be made under root or a user? The root user has no access over the network to any share. You can create additional users and set the shares as being either secure or private according to your needs 3 minutes ago, Telcar said: What about telnet and ssh of other protocals i mite not be awear of, what has to be enabled for unraid to work right with no hassle? Personally, since you are (hopefully) only logging in to the console while on your own network, it really doesn't matter if you disable telnet or not - You do trust yourself don't you? 5 minutes ago, Telcar said: What other things do i need to worry about with security or what other things can i do to inprove security? Im reduilding my whole database on unraid i just want to make sure its secure as possible. Don't put your server into your router's DMZ. Don't forward any unnecessary ports to your server unless they are required for the application (Plex). If you need to remotely manage your server, then use a VPN like OpenVPN-AS 1 Quote Link to comment
Telcar Posted June 26, 2019 Author Share Posted June 26, 2019 Thank you squid! What is telnet used for because if its not used for anything than theres no need for it. Quote Link to comment
CHBMB Posted June 27, 2019 Share Posted June 27, 2019 6 hours ago, Telcar said: Thank you squid! What is telnet used for because if its not used for anything than theres no need for it. Telnet is essentially a legacy system. I suppose a basic analogy would be kind of an unencrypted SSH. 1 Quote Link to comment
Telcar Posted June 27, 2019 Author Share Posted June 27, 2019 So basically unraid is pretty secure, as long as i trust the network im using it on. Quote Link to comment
testdasi Posted June 27, 2019 Share Posted June 27, 2019 3 minutes ago, Telcar said: So basically unraid is pretty secure, as long as i trust the network im using it on. And trust that the people on your network doesn't do silly things, like accidentally exposing your server to the Internet, that sort of silly. Quote Link to comment
Telcar Posted June 27, 2019 Author Share Posted June 27, 2019 18 minutes ago, testdasi said: And trust that the people on your network doesn't do silly things, like accidentally exposing your server to the Internet, that sort of silly. No, worries there considering im the only one using my network for anything other then a basic wifi connection to the internet. Quote Link to comment
Viper359 Posted July 1, 2019 Share Posted July 1, 2019 I would be more concerned about your point of entry/exit. The amount of people running routers that have serious security flaws, and a lack of basic security applied would blow your mind. Most consumer routers are garbage with security patches, fixes, and basic administration security. I use PROsumer stuff, or build my own for this. I have used products from Ubiquiti for example. They're always updating and working on things. Now, I run an UnTangle firewall / router box that I custom built. These two sort of options give your network far better security. While wanting to lock down stuff on your LAN side is always a good idea, the sheer amount of people running equipment that handles their WAN that has serious flaws et would blow your mind. A great many of the consumer marketed stuff, after a few years, stops receiving updates. I think I am being generous on that statement as well. 1 Quote Link to comment
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.