From owner-freebsd-security@FreeBSD.ORG Sun Jul 27 06:38:02 2003 Return-Path: Delivered-To: freebsd-security@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 1F1DB37B401 for ; Sun, 27 Jul 2003 06:38:02 -0700 (PDT) Received: from ns.pro.sk (proxy.pro.sk [195.80.161.199]) by mx1.FreeBSD.org (Postfix) with ESMTP id EB59B43F75 for ; Sun, 27 Jul 2003 06:37:59 -0700 (PDT) (envelope-from prosa@pro.sk) Received: from peter (Peter [192.168.1.53]) by ns.pro.sk (8.11.3/8.11.3) with SMTP id h6RDbtE02541; Sun, 27 Jul 2003 15:37:55 +0200 (CEST) (envelope-from prosa@pro.sk) Message-ID: <002401c35444$36d146e0$3501a8c0@pro.sk> From: "Peter Rosa" To: "twig les" References: <20030727041708.95094.qmail@web10104.mail.yahoo.com> Date: Sun, 27 Jul 2003 15:37:24 +0200 Organization: PRO, s.r.o. MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: 7bit X-Priority: 1 X-MSMail-Priority: High X-Mailer: Microsoft Outlook Express 5.50.4807.1700 X-MimeOLE: Produced By Microsoft MimeOLE V5.50.4807.1700 cc: FreeBSD Security Subject: Re: suid bit files + securing FreeBSD X-BeenThere: freebsd-security@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Security issues [members-only posting] List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 27 Jul 2003 13:38:02 -0000 Absolutely perfect. Fantastic. Exactly the type of information, I looked a long time ago. Meny tkanks and have a nice day. Peter Rosa ----- Original Message ----- From: "twig les" To: "Peter Rosa" ; "FreeBSD Security" Sent: Sunday, July 27, 2003 6:17 AM Subject: Re: suid bit files + securing FreeBSD > I don't know exactly what you mean by "wizard", maybe a > menu-driven gui like Nero or M$ Lookout or something? Anyhoo I > really like this checklist here: > http://sddi.net/FBSDSecCheckList.html. I guess one could script > a lot of this. This page also has a boatload of links at the > bottom. > > As for perfect security I like to run Sendmail and BIND on > RedHat myself, unless I can get my hands on an IIS box. woot! > Sorry, it's late Saturday, thus I'm feeling mischievous. > > > > > Second question is: Has anybody an exact wizard, how to secure > > the FreeBSD machine. Imagine the situation, the only person > > who > > can do anything on that machine is me, and nobody other. I > > have > > set very restrictive firewalling, I have removed ALL tty's > > except > > two local tty's (I need to work on that machine), but there > > are > > still open port 25 and 53 (must be forever), so someone very > > tricky can compromite my machine. > > > > I'm a little bit paranoic, don't I :-))))))) > > > > Cheers, > > > > Peter Rosa > > _______________________________________________ > > freebsd-security@freebsd.org mailing list > > http://lists.freebsd.org/mailman/listinfo/freebsd-security > > To unsubscribe, send any mail to > "freebsd-security-unsubscribe@freebsd.org" > > > ===== > ----------------------------------------------------------- > Emo is what happens when the glee club goes punk. > ----------------------------------------------------------- > > __________________________________ > Do you Yahoo!? > Yahoo! SiteBuilder - Free, easy-to-use web site design software > http://sitebuilder.yahoo.com > _______________________________________________ > freebsd-security@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-security > To unsubscribe, send any mail to "freebsd-security-unsubscribe@freebsd.org" >