Date: Wed, 15 Aug 2001 09:22:24 -0400 (EDT) From: "Andrew R. Reiter" <arr@watson.org> To: Sheldon Hearn <sheldonh@starjuice.net> Cc: Alexander Langer <alex@big.endian.de>, Robert Watson <rwatson@FreeBSD.ORG>, security@FreeBSD.ORG Subject: Re: cvs commit: src/etc inetd.conf Message-ID: <Pine.NEB.3.96L.1010815091947.79902A-100000@fledge.watson.org> In-Reply-To: <59836.997879734@axl.seasidesoftware.co.za>
next in thread | previous in thread | raw e-mail | index | archive | help
: :> We can disable binding to port 25 and local mail delivery will still :> work. I also like disabling all other network services by default. :> One of OpenBSD's argument is, that you then know what services you've :> had enabled, and you then know, what to take care about. If you :> missed a SA about some service you haven't enabled either, who cares? : :The only problem here is that FreeBSD could be seen as a system that :does nothing out of the box. :-) : :This is not an unresolvable problem, it's just something that needs to :be considered. What about sysinstall options for this type of thing? We have a post-install Security configuration menu -- perhaps expanding this would be valuable? Andrew *-------------................................................. | Andrew R. Reiter | arr@fledge.watson.org | "It requires a very unusual mind | to undertake the analysis of the obvious" -- A.N. Whitehead To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.NEB.3.96L.1010815091947.79902A-100000>