rPi basic config and securing against hackers

Notes for myself as much as anything…

Install from Noobs

Change pi password

passwd

 

Get wifi working

sudo raspi-config

Check that wlan0 is getting an ip address

iwconfig

ifconfig

 

Update the rPi

sudo apt-get update

sudo apt-get upgrade

 

Change the ssh port to something other than 22

sudo nano /etc/ssh/sshd_config

change

# Port 22

to

Port newportnumber

ctrl-x save and exit

Restart SSH

sudo service ssh restart

 

Amend port forwarding on the router to reflect the new port number

 

Install fail2ban – this will block IP addresses of bots attempting to access the Pi

sudo apt-get install fail2ban

It should run as a service and be running after a restart, to check if its running

sudo /etc/init.d/fail2ban status

***Note we need to amend the config file***

sudo nano /etc/fail2ban/jail.local

[ssh]
enabled  = true
port     = sshportnumberfromearlier
filter   = sshd
logpath  = /var/log/auth.log
maxretry = 6

 

Install no-ip, to update DNS with any IP changes

mkdir /home/pi/noip

cd /home/pi/noip

wget http://www.no-ip.com/client/linux/noip-duc-linux.tar.gz

tar vzxf noip-duc-linux.tar.gz

cd noip-2.1.9-1

sudo make

sudo make install

sudo /usr/local/bin/noip2 starts the service.  To check the status:

sudo /usr/local/bin/noip2 -S

Have No-Ip run on startup

sudo nano /etc/rc.local

add the line /usr/local/bin/noip2 just above the exit 0

fi

/usr/local/bin/noip2
exit 0

To check no-ip is running

sudo /usr/local/bin/noip2 -S

 

So now, we have installed Raspbian, changed the default password, got everything up to date, changed the SSH port to something more obscure than the standard port 22, secured that port with fail2ban, and made the Pi reachable from outside the network.  Restarting the Pi along the way to check things are still running.

Check fail2ban is running

sudo /etc/init.d/fail2ban status

Check no-ip is running

sudo /usr/local/bin/noip2 -S

 

Advertisement

MU123 completed, MST124 begun

So September saw the end of the MU123 module, and whilst i’m sitting awaiting the final result of that (due sometime around 24th October), MST124 has begun.

It already feels like its a big step up!

I wasn’t able to get a head start on MST124, so i’m trying to keep to the proposed learning schedules, but that’s going to be quite a hard task in itself.  With MU123, i started off ahead (I was able to submit the first iCMA just hours after the course actually started, and concentrate on the next exam).  Whereas MST124, i’m already feeling a bit behind.

Anyway, hopefully results will be here soon.

Edit: Results arrived, distinction in the bag

MU123 – Discovering Mathematics

So the first module on my path, MU123, officially started on 31st January 2017.  It’s quite a broad module, and i’d read that a good amount of it is GCSE/A Level.  i did my Maths GCSE in 1989 and i can say that none of MU123 was covered.  As i didn’t go onto A Level, i cant comment on that.  I could have skipped this and taken a more direct first module, but as i’ve been out of education for a long time, i felt that this would be a good introduction and would help getting into the mindset of producing work how it needs to be presented (rather than just scribbled on the back of utility bills)

Continue reading “MU123 – Discovering Mathematics”