clawd/memory/security-baselines/james-old.md

James-Old (192.168.1.17) — Security Baseline

Established: 2026-02-22

SSH Authorized Keys (johan)

ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIO4vdTyAAgy6PTsTLy64zQ8HwB3n3N3HQ3VfpLnItN7f johan@ubuntu2404 ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAICvQUpzuHN/+4xIS5dZSUY1Me7c17EhHRJdP5TkrfD39 claude@macbook ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIK+9hJSfMkbe68VPbkRmaW/sFFmd3+QBmisJYLY+S6Cj james@forge

Expected Users (uid>=1000)

nobody:65534 (system) johan:1000 snapd-range-524288-root:524288 (snap service — system) snap_daemon:584788 (snap service — system) scanner:1001 (SANE scanner service — system, nologin shell)

Expected Listening Ports

• 22 (SSH)
• 21 (FTP — known)
• 139/445 (Samba)
• 3389 (RDP — xrdp, known)
• 3350 (xrdp-sesman — localhost)
• 8025 (message-center — localhost)
• 8030 (message-bridge — all interfaces)
• 9200 (dashboard)
• 1143 (Proton Bridge IMAP — localhost)
• 1025 (Proton Bridge SMTP — localhost)

Known Firewall State

UFW: INACTIVE — ⚠️ no host firewall

Known Issues at Baseline

• UFW inactive (known deficiency — retired machine)
• fail2ban not active
• RDP (3389) exposed — known, used for remote desktop
• 53 pending apt updates