On Thu, Oct 27, 2016 at 1:12 PM, Josiah Yoder <[email protected]> wrote: > I teach a real-time systems class where students use Beaglebone over the > network. Generally, we are behind a protected firewall, but sometimes the > students want to debug on other parts of the campus. > > By default, one can access the root account without a password. If my > students put such a BeagleBone on a network where the IP is externally > visible, is it likely that the BeagleBone will become infected by the > open-source botnet software Mirai? > > I guess it's a moot point -- the root password should be changed before > attaching the BeagleBone to a public network anyway!
At-least run: cd /opt/scripts/un-tweak-image/ sudo ./debian-re-secure-root-ssh.sh and it'll set a root password and disable "PermitEmptyPasswords" sshd_config option.. and remove "bonescript", you can just disable disable the two bonescript system service files.. Regards, -- Robert Nelson https://rcn-ee.com/ -- For more options, visit http://beagleboard.org/discuss --- You received this message because you are subscribed to the Google Groups "BeagleBoard" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion on the web visit https://groups.google.com/d/msgid/beagleboard/CAOCHtYiwk2M3T%2BR8uiQNa8sxzNoHxkdV3c4eBPimDhxnSn-_%2Bw%40mail.gmail.com. For more options, visit https://groups.google.com/d/optout.
