Date: Thu, 20 Apr 2000 16:33:50 -0400 (EDT) From: Jim Flowers <jflowers@ezo.net> To: Nick Loman <nick@loman.net> Cc: freebsd-security@FreeBSD.ORG Subject: Re: 10 days Message-ID: <Pine.BSI.3.91.1000420163206.13556Q-100000@lily.ezo.net> In-Reply-To: <Pine.BSF.4.21.0004201949370.25795-100000@slip.csosl.co.uk>
next in thread | previous in thread | raw e-mail | index | archive | help
Setup ipfw, deny-everything then allow only-what-you-want. Specify as tightly as you can. man ipfw. Jim Flowers <jflowers@ezo.net> #4 ISP on C|NET, #1 in Ohio On Thu, 20 Apr 2000, Nick Loman wrote: > > I've moved my mail server from RedHat 6.0/Linux over to FreeBSD > 4.0-STABLE/qmail for security (lots of relay hacking and Linux newbie > hackers). > > Anyway, pleased to see only 10 days into running a FreeBSD installation > the spam kiddies are trying to hack in again :-) > > hosts.allow: > > ALL : PARANOID : RFC931 20 : deny > ftpd : a few select hosts : allow > telnetd : a few select hosts : allow > popa3d : ALL : allow > ALL : ALL : deny > > qmail running off tcpserver. > > Hack attempts are standard trying to get in through ftp and telnet. Also a > request from a root@<ip address> to the DNS port. > > Given that I'm a FreeBSD newbie, and notwithstanding general security > tips, what should I be looking out for in these early days? > > Regards, > > Nick. > > > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-security" in the body of the message > To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.BSI.3.91.1000420163206.13556Q-100000>