From owner-freebsd-questions Thu Feb 15 17: 0:59 2001 Delivered-To: freebsd-questions@freebsd.org Received: from medhub.medctr.ucla.edu (medhub.medctr.ucla.edu [149.142.194.60]) by hub.freebsd.org (Postfix) with ESMTP id 6ABDC37B401 for ; Thu, 15 Feb 2001 17:00:57 -0800 (PST) Received: from mailbh1.mednet.ucla.edu (mailbh1.mednet.ucla.edu [149.142.194.120]) by medhub.medctr.ucla.edu (8.9.3+Sun/8.9.0) with ESMTP id RAA19544 for ; Thu, 15 Feb 2001 17:00:56 -0800 (PST) Received: by mailbh1.mednet.ucla.edu with Internet Mail Service (5.5.2653.19) id <17QH0M2V>; Thu, 15 Feb 2001 17:00:56 -0800 Message-ID: <1B14A1526DF8D01190A000805FA760220593E04E@medmail4.mednet.ucla.edu> From: "Cliff, Calvin" To: "'questions@freebsd.org'" Subject: Securing FreeBSD and CVSUP Date: Thu, 15 Feb 2001 17:00:52 -0800 MIME-Version: 1.0 X-Mailer: Internet Mail Service (5.5.2653.19) Content-Type: text/plain; charset="iso-8859-1" Sender: owner-freebsd-questions@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG Hi, I've been experimenting with FreeBSD for my department web server and I'm concerned about making it more secured. I installed my system last October and looked into using CVSUP to keep it updated but was too chicken to try it since I already have 5 virtual web sites running on it. I tried using cvsup with a test directory and noticed that a number of files will be edited and some deleted. I have two questions: is it safe? do I need to reboot or rebuild my kernal to take advantage of the updated files? Secondly, I was looking for a simple HowTO on making the system more secure. I don't have anonymous ftp's enabled and I do use the regular telnet. Is there a simple list of things I can do to make it more secured without using Kerberos? I do have access to a SSH telnet/ftp available from my client systems. Lastly, I also noticed that since I installed my system last october, I get a few messages on my console screen each month about ftpd, popd, rshd and/or rogind attempts that seem to fail. I don't recognize the client host addresses as anyone who should have access so I'm assuming that hackers are trying to crack my system. Should I be trying to contact those sysadmins about those attempts? Thanks for the information, FreeBSD seems to be much safer than Linux. Calvin Cliff UCLA Neurology 710 Westwood Plz C-128 Los Angeles CA 90095 (310) 206-9372 To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message