Hello all,
Recently I switched my main PC to Linux (so now learning about Linux networking) and have couple raspberry Pi's, Printers and NAS on my home network. I have couple network security questions in regards to open ports etc.
1. Is there a difference in overall security between opening up 1 port on my router, which is forwarded to 1 SSH port on one raspberry Pi2 (let's call it gateway) and restricting communication to other devices to LAN traffic via SSH sessions from gateway, vs. opening multiple ports on the router which are forwarded to SSH ports on network devices?
2. Is it safer to have a single SSH certificate for all devices or is it better to have separate ones for all devices (but then the certs would be stored either on my remote tablet or on my "gateway" machine).
3. I have a network attached power switch, which I can use to hard reset a machine if it freezes. Is it a bad idea to use this device as a gateway or perhaps have its SSH port opened via router? If I am to leave it open only to local network traffic and my "gateway" freezes I will be out of luck hard resetting it (gateway). I can turn on/off/restart power outlets via SSH command to this power switch.
Anything I forgot?
I read a network security book back in 90s any new reading material I should consider? Looking for a good ref manual, kinda like "network security bible"
Thanks ahead
Recently I switched my main PC to Linux (so now learning about Linux networking) and have couple raspberry Pi's, Printers and NAS on my home network. I have couple network security questions in regards to open ports etc.
1. Is there a difference in overall security between opening up 1 port on my router, which is forwarded to 1 SSH port on one raspberry Pi2 (let's call it gateway) and restricting communication to other devices to LAN traffic via SSH sessions from gateway, vs. opening multiple ports on the router which are forwarded to SSH ports on network devices?
2. Is it safer to have a single SSH certificate for all devices or is it better to have separate ones for all devices (but then the certs would be stored either on my remote tablet or on my "gateway" machine).
3. I have a network attached power switch, which I can use to hard reset a machine if it freezes. Is it a bad idea to use this device as a gateway or perhaps have its SSH port opened via router? If I am to leave it open only to local network traffic and my "gateway" freezes I will be out of luck hard resetting it (gateway). I can turn on/off/restart power outlets via SSH command to this power switch.
Anything I forgot?
I read a network security book back in 90s any new reading material I should consider? Looking for a good ref manual, kinda like "network security bible"
Thanks ahead