From owner-freebsd-questions Fri Feb 25 8:49: 0 2000 Delivered-To: freebsd-questions@freebsd.org Received: from mail.enteract.com (mail.enteract.com [207.229.143.33]) by hub.freebsd.org (Postfix) with ESMTP id 3707937C2B2 for ; Fri, 25 Feb 2000 08:48:57 -0800 (PST) (envelope-from nasby@shell-1.enteract.com) Received: from shell-1.enteract.com (nasby@shell-1.enteract.com [207.229.143.40]) by mail.enteract.com (8.9.3/8.9.3) with ESMTP id KAA48336 for ; Fri, 25 Feb 2000 10:48:56 -0600 (CST) (envelope-from nasby@shell-1.enteract.com) Received: (from nasby@localhost) by shell-1.enteract.com (8.9.3/8.9.3) id KAA63425 for freebsd-questions@freebsd.org; Fri, 25 Feb 2000 10:48:56 -0600 (CST) (envelope-from nasby) Date: Fri, 25 Feb 2000 10:48:56 -0600 From: "Jim C. Nasby" To: freebsd-questions@freebsd.org Subject: Re: FreeBSD minimal install... Message-ID: <20000225104856.A63236@enteract.com> Reply-To: jim@nasby.net Mail-Followup-To: freebsd-questions@freebsd.org References: <38B6850B.AAE49A00@avantgo.com> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii X-Mailer: Mutt 1.0pre3i In-Reply-To: <38B6850B.AAE49A00@avantgo.com> X-Operating-System: FreeBSD 3.3-STABLE i386 X-Distributed: Join the Effort! http://www.distributed.net Sender: owner-freebsd-questions@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG You might want to try OpenBSD if you're that concerned about security... I've never played with it, but everything I've read says that it is more secure than FreeBSD, out of the box. Of course, you can make FreeBSD as secure as OpenBSD, but if they've already done a lot of the work for you... On Fri, Feb 25, 2000 at 05:35:08AM -0800, Tim Brush wrote: > After performing a minimal installation I noticed a large number of > programs that are very useful for a generic installation but are not > necessarily useful for a specific server types (i.e. firewall, web > server, mail server, etc.). I've begun compiling a list of programs > that can (should?) be removed for specific servers (i.e. gcc, f77, uucp, > etc.). There is no purpose for these programs on a firewall. I > understand that removing these programs only add a tiny bit of security > but every little bit helps (you have much bigger problems if someone > gains unauthorized access to your systems). > My questions are... > > 1. Has anyone already compiled a similar list? If so, could > someone point me to it. Is there a FAQ or additional information > regarding this? > 2. Would a more appropriate minimal installation have these > programs removed? > 3. Would people be interested in specific server (firewall, mail > server, web server, etc.) configurations? > > I understand that most people need to take the time to learn the > details of their systems (i.e. kernel configurations) but this may offer > a head start on configuration issues and save valuable time. > > Thanks, > T > > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-questions" in the body of the message -- Jim C. Nasby (aka Decibel!) /^\ jim@nasby.net /___\ Freelance lighting designer and database developer / | \ Member: Triangle Fraternity, Sports Car Club of America /___|___\ Give your computer some brain-candy! www.distributed.net Team #1828 Get paid to surf!! http://www.enteract.com/~nasby/alladvantage.html To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message