From owner-freebsd-questions Sat Dec 16 23: 5:56 2000 From owner-freebsd-questions@FreeBSD.ORG Sat Dec 16 23:05:53 2000 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from comp1.mastery.ca (lan12.dzyn.win.mnsi.net [208.28.54.140]) by hub.freebsd.org (Postfix) with ESMTP id DD0A037B400 for ; Sat, 16 Dec 2000 23:05:52 -0800 (PST) Received: from lan4 (dyn206-48-125-71.ADSL.mnsi.net [206.48.125.71]) (authenticated) by comp1.mastery.ca (8.11.1/8.11.1) with ESMTP id eBH76lM76220; Sun, 17 Dec 2000 02:06:47 -0500 (EST) (envelope-from rmasse@max-info.net) Message-ID: <014d01c067f7$dd5fccc0$0600a8c0@Home> From: "Ryan Masse" To: Cc: "FreeBSD-Questions" Subject: Re: FreeBsd and ISPs Date: Sun, 17 Dec 2000 02:06:20 -0500 X-Priority: 3 X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook Express 5.50.4522.1200 X-MimeOLE: Produced By Microsoft MimeOLE V5.50.4522.1200 Sender: owner-freebsd-questions@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG From: "Jorge Biquez" I'll try and answer you questions to the best of my ability. >1) Provide security. I was wondering what ports do I need to leave open and >what special considerations to have with the machines. What to monitor and >where as a daily audit. Run only services that will be required for you operation. ie. disabling telnet and using SSH to remote connect to your box etc. A good start in romoving services would be to edit your /etc/inetd.conf and disable (commet out) the services which you don't require. Take a look at the following link for more info: http://www.daemonnews.org/199809/security.html >2) FTP service. Need to have quotas on users and put the users on their >home directories. Do you recommend to leave the FTP that installs by >default or maybe move to another one? The default FTP Daemon works great compared to others (wu-ftp). >3) Sendmail service. My main question is how to avoid relay on my server so >spammers do not abuse of it. Besides I need to control the space of users also. By default sendmail disables all relaying. Relaying can be added be various rulesets your provide ie. allow,deny by subnets etc. >4) Users administration. How to suspend users when they do not pay and all >the general administration activities for users. One thing we would like to >have is to have users of more than 8 chars in their username (I don't know >if the latest version of FreeBsd support that, documentation of 3.2 says >only 8). I know how to do do all with the appropiate command, just >wondering if you recommend a tool for it. to learn all about add modifying disabling users: man 8 pw for the username lenghts i'm not quite sure =\ 5) Apache. Any available tool for its administration?. I can do it manually with the default "ee" editor but I was wondering if there is another editor not so basic but not "too" complicated like VI. I'm working without the graphical environment. How could I rotate logs on a daily,weekly or monthly basis? How could I suspend a site if a client do not pay? As much as i would hate to say it but there is a simpler editor called "pico" that is preety straight forward. I'm not to sure what you mean by rotate logs but you can create seperate access and error logs and build scripts that would rip that info and build statistics ie. webalizer and access logs >6) Scripts. Any good sites for simple resources of free CGI's?. On this. I >was wondering what do you suggest for special need on scripts. I have >programmed on other languages. Do you suggest to have the scripts I need to >run as PERL programs or it is better to follow the C path? PERL is the way to go in my opinion.. if you plan on doing any heavy BSD administration i suggest u do what i just did and pick up OReily's "Learning Perl" book. Its a good start to that language. For now you can use www.cgiresources.com i believe is the address for some free help. >I read once on the list that it would be a book for ISPs using FreeBSD. Do >you know if the book was edited?. Any other books? >Do you know of another list special devoted to ISP's running FreeBSD? not sure.. but there is a freebsd-isp mailing list that i'm sure could help you out. hope i have helped a bit, Ryan Masse, IT / Authoring Tech Mastery Group of Canada Inc. Rmasse@mastery.ca http://www.masterycanada.com To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message