Is Meteohub a threat to my internet security?

Answers to Questions that pop up more than once.

Moderator: Mattk

Post Reply
User avatar
admin
Platinum Boarder
Platinum Boarder
Posts: 5365
Joined: Mon Oct 01, 2007 10:51 pm

Is Meteohub a threat to my internet security?

Post by admin » Thu Feb 12, 2009 6:59 pm

short version:
No if your router is configured correctly

long version:
Meteohub actively connects to the outside world via:
1) ftp (for uploading data to your Homepage and to weather networks. It is just a client, no "unsecure" ftp server)
2) http (for weather networks and for receiving the WAN IP when on "system information" page)
3) TCPIP-socket communication (for CWOP weather network or when reading data from a TCP/IP weather station or "slave" Meteohub)
that's it.

Meteohub can be connected from the outside on ports 22 (ssh with standard password, don't open this up to the public, or change ssh password with linux commands), ports 80/7777 via http (secured with http password, that can be changed), some ports that are used for plain data transfer (5555, 5500-5510, 5558, 5559) that can't do any harm, the usual smb ports (pc network drive), an rsync port, etc. So it is no good idea to place a Meteohub without firewall protection into not-firewalled network. Meteohub needs protection by the firewall of your router.

You should configure your router in a way that no traffic is allowed to being forwarded from the Internet to Meteohub. An exemption might be port 80 (regular http) and 7777 (secondary http), which you can use to configure Meteohub from the outside, if you have the correct http-password, which you can and should change on "maintenance" page.

On top of this, I doubt that any worms or male ware exists for NSLU2 which has a very specific Linux and processor. 99% of all male ware is for x86. That code cannot be executed on NSLU2. x86 Meteohub's should be managed with more care (by means explained above).

Post Reply