Date: Sun, 23 Apr 2000 07:22:00 -0700 From: Cy Schubert - ITSD Open Systems Group <Cy.Schubert@uumail.gov.bc.ca> To: "Nick Loman" <nick@loman.net> Cc: freebsd-security@FreeBSD.ORG Subject: Re: 10 days Message-ID: <200004231422.HAA07623@cwsys.cwsent.com> In-Reply-To: Your message of "Thu, 20 Apr 2000 19:54:05 BST." <Pine.BSF.4.21.0004201949370.25795-100000@slip.csosl.co.uk>
next in thread | previous in thread | raw e-mail | index | archive | help
Hosts.allow only protects applications that have been linked with libwrap, e.g. inetd, portmap, and sshd. To protect services that aren't libwrap aware, your options are ipfw or ipfilter. I've used both and both do a good job. For examples, take a look at freebsddiary.com. Regards, Phone: (250)387-8437 Cy Schubert Fax: (250)387-5766 Team Leader, Sun/DEC Team Internet: Cy.Schubert@osg.gov.bc.ca Open Systems Group, ITSD, ISTA Province of BC In message <Pine.BSF.4.21.0004201949370.25795-100000@slip.csosl.co.uk>, "Nick L oman" writes: > > I've moved my mail server from RedHat 6.0/Linux over to FreeBSD > 4.0-STABLE/qmail for security (lots of relay hacking and Linux newbie > hackers). > > Anyway, pleased to see only 10 days into running a FreeBSD installation > the spam kiddies are trying to hack in again :-) > > hosts.allow: > > ALL : PARANOID : RFC931 20 : deny > ftpd : a few select hosts : allow > telnetd : a few select hosts : allow > popa3d : ALL : allow > ALL : ALL : deny > > qmail running off tcpserver. > > Hack attempts are standard trying to get in through ftp and telnet. Also a > request from a root@<ip address> to the DNS port. > > Given that I'm a FreeBSD newbie, and notwithstanding general security > tips, what should I be looking out for in these early days? > > Regards, > > Nick. > > > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-security" in the body of the message To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200004231422.HAA07623>