this post was submitted on 06 Aug 2024
32 points (100.0% liked)

Linux Gaming

15813 readers
92 users here now

Gaming on the GNU/Linux operating system.

Recommended news sources:

Related chat:

Related Communities:

Please be nice to other members. Anyone not being nice will be banned. Keep it fun, respectful and just be awesome to each other.

founded 4 years ago
MODERATORS
 

Hey all. I'm heading to Quakecon 2024 tomorrow and will be repping the penguin. I've got all my games set up and ready, but was now wondering, are there any extra steps I should take as far as network security goes?

I'm sure I'm not as vulnerable to random badness as the flock of Windows machines that will be on the network, but you never know. The only thing on my list so far is to disable sshd. I thought about installing Portmaster but it has always messed up my DNS in the past...

I'll probably run Wireshark just to see if I can capture anything interesting there. Do you all have any other suggestions for prepping my PC?

you are viewing a single comment's thread
view the rest of the comments
[–] pelotron@midwest.social 6 points 3 months ago (3 children)

Negative - that's why I was thinking of giving Portmaster another go but am open to any solution like that.

Yes the PC will be unattended for many hours at a time.

[–] gaylord_fartmaster@lemmy.world 20 points 3 months ago (1 children)

I'd just install UFW and either set the default for incoming and outgoing to deny and unblock the game ports manually, or just set incoming to deny and outgoing to allow.

You could pair that with OpenSnitch to see all attempted incoming and outgoing connections and block them by default, and then just allow the ones you want as they happen.

[–] pelotron@midwest.social 5 points 3 months ago

Thank you for these suggestions! I've been looking for something like Opensnitch for a long time.

[–] ryannathans@aussie.zone 6 points 3 months ago

Unattended? I'd use a bios password and disk encryption

[–] ReversalHatchery@beehaw.org 2 points 3 months ago (1 children)

Yes the PC will be unattended for many hours at a time.

Check out usbguard, whitelist your own devices, preferably no USB drives.
The ArchWiki has a good article on it. I don't use arch, btw.
Other than that, maybe check every time you get back to the machine that your keyboard still directly connects to the machine, without an intermediate device (yes, even with usbguard), but at that point maybe just always keep your keyboard with yourself because a really motivated attacker could just place some kind of keylogger inside of it.

Maybe also look into hardening your lock screen, or finding a simpler one that's perhaps more security oriented.
Maybe it's not the case anymore, but once it was possible to unlock a locked account by crashing the screen locker. Possibly that's not the case anymore, because I remember having to type loginctl something in a new virtual terminal when my lock screen crashed after an update gone bad, but i wanted to make you aware so you can check if you are affected.

[–] pelotron@midwest.social 1 points 3 months ago

Ooh, usbguard sounds cool.