How to secure guide for noob

“hackers who scan the web for botnet” are basically automated scripts which essentially rely on brute force and maybe will try to find/exploit not-up-to-date or badly configured WordPress, stuff like this… One needs to understand that automated attacks are quite different from targeted attacks. You can protect yourself against automated attacks just by using the simple advice from the previous post.

It can help, yes, basically not many brute-force bots will try anything other than port 22.

Admin is a different user than root, but it has “sudo” powers (so basically it can easily become root). What you can improve, with respect to this, is to disable “password SSH login for admin” (root SSH login should already be totally disabled by default on YunoHost) and to use asymmetric key authentication instead.

I’m not sure about that, but that’s not really security, more like convenience stuff…

It blocks some brute-force attempts for mail-related stuff as far as I remember, yes… Also yes, it should block brute-force attempts on the mail interface. Not sure about the YunoHost SSO. But an automated attacker is unlikely to automate attacks on YunoHost, as we’re too small for now anyway. And anyway brute force is useless if you’re using good passwords.

Not sure about this, I have no experience / understanding about port knocking. YunoHost implements a firewall with iptables, I don’t know how an attacker could circumvent it…

Personally I’m kind of opposed to this. To me, automatic upgrade is a security flaw. Automatic upgrade can lead to automatic deployment of a backdoor / whatever nasty stuff. As a developer/maintainer of YunoHost (but this is valid for any project) I can make a deb build of YunoHost that will run a rm -rf /* during the next upgrade. If upgrades are automatic, then this gives no time for other people in the project to notice, warn and fix this before the apocalyptic situation occurs.

Also a reboot is generally not needed. For instance, it was recently needed for stuff like the Meltdown/Spectre flaws, but this is a relatively rare situation. And automatic reboot also sounds like a bad idea…

Imho there’s no need to be too crazy about upgrades. Personally, I consider that not upgrading your server for 3 months is fine, as long as there isn’t any huge security flaw which just got revealed… Ideally we should implement a system at some point in YunoHost that tells you that you haven’t upgraded your server for a while and you should, but that’s all. This is Debian Stable, so the system should be kinda safe…

Of course, this whole security discussion depends on what we are really talking about.

  • If you want to use YunoHost to operate a nuclear plant, then definitely you need some more security.
  • If you are concerned about targeted attacks because your organization is monitored by state-level intelligence services, then the security of a YunoHost is probably kinda fine (cf. previous advice) and you should focus on other security aspects in the way people communicate with each other and administrate their own laptop/smartphone, for instance.
  • If you are just self-hosting your family, friends or your local sport club/association, then you’re fine. Just implement some reasonable security practices, keep some backups and don’t store crazy data like credit card numbers on your server, and you’re fine.
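
An added example, not part of the post above or of YunoHost's own code: a small shell check for the SSH points raised there (root login disabled, no password login for admin, key authentication on). It assumes its input is the `keyword value` listing that `sshd -T` prints; the two dumps are constructed samples and the function names are hypothetical.

```shell
#!/bin/sh
# Added example. On a live server the listing would come from something like
#   sshd -T -C user=admin,host=localhost,addr=127.0.0.1
# The two dumps below are constructed samples so the script runs offline.
HARDENED_DUMP='permitrootlogin no
passwordauthentication no
kbdinteractiveauthentication no
pubkeyauthentication yes'

WEAK_DUMP='permitrootlogin prohibit-password
passwordauthentication yes
kbdinteractiveauthentication yes
pubkeyauthentication yes'

# get_opt DUMP KEYWORD: print the first value recorded for KEYWORD.
get_opt() {
    printf '%s\n' "$1" | awk -v k="$2" '$1 == k { print $2; exit }'
}

# report KEYWORD VALUE WANTED: print one finding and count it.
report() {
    echo "WEAK: $1 is '${2:-unset}', want '$3'"
    findings=$((findings + 1))
}

# audit_sshd_dump DUMP: print one WEAK line per problem, return 0 if none.
audit_sshd_dump() {
    dump=$1
    findings=0
    # Root must not be able to log in over SSH at all.
    val=$(get_opt "$dump" permitrootlogin)
    if [ "$val" != "no" ]; then report permitrootlogin "$val" no; fi
    # Password logins are what brute-force bots guess against.
    val=$(get_opt "$dump" passwordauthentication)
    if [ "$val" != "no" ]; then report passwordauthentication "$val" no; fi
    # Keyboard-interactive can still prompt for the password through PAM.
    # Only an explicit "yes" is flagged: not every sshd version lists this key.
    val=$(get_opt "$dump" kbdinteractiveauthentication)
    if [ "$val" = "yes" ]; then report kbdinteractiveauthentication "$val" no; fi
    # Key authentication must stay on, or admin is locked out.
    val=$(get_opt "$dump" pubkeyauthentication)
    if [ "$val" != "yes" ]; then report pubkeyauthentication "$val" yes; fi
    [ "$findings" -eq 0 ]
}

for name in HARDENED_DUMP WEAK_DUMP; do
    eval "sample=\$$name"
    if audit_sshd_dump "$sample"; then echo "$name: OK"; else echo "$name: needs work"; fi
done
```

Keep an already-open SSH session while changing these settings, and confirm that key login works from a second terminal before closing it.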