579
edits
Changes
Jump to navigation
Jump to search
Line 18:
Line 18: − + Line 54:
Line 54: − + Line 408:
Line 408: − +
Raspberry Pi IPv6 firewall tester installation (view source)
Revision as of 21:16, 21 October 2012
, 21:16, 21 October 2012no edit summary
# passwd
# passwd
Then add a user: (follow the prompts)
Then add a user, using a non-obvious username, e.g. '''PlnUsr456''' : (follow the prompts)
# adduser
# adduser
# pacman -S iptables
# pacman -S iptables
The following IPv6 firewall is a very simplistic example, only suitable for use in a trusted environment, where SLAAC IPv6 address allocation is in place. '''This example is not intended to be used for an internet-facing Raspberry Pi where you need to include extra packet checking related to traffic sources, packet arrival rates, etc.'''
The following IPv6 firewall is a very simplistic example, only suitable for use in a trusted environment, where SLAAC IPv6 address allocation is in place. '''This example is not intended to be used for an internet-facing Raspberry Pi where you may choose to include extra packet checking related to traffic source addresses, packet arrival rates, etc.'''
*filter
*filter
In general it is recommended that you apply all the standard SSH hardening approaches. You can also restrict logins to your newly created plain user (above) with the addition of the following line to your ssh configuration file ('''/etc/ssh/sshd_config'''). I'd also recommend that you choose an username which isn't a simple shortening of your own name:
In general it is recommended that you apply all the standard SSH hardening approaches. You can also restrict logins to your newly created plain user (above) with the addition of the following line to your ssh configuration file ('''/etc/ssh/sshd_config'''). I'd also recommend that you choose an username which isn't a simple shortening of your own name:
AllowUsers plnusr456
AllowUsers '''PlnUsr456'''