From owner-freebsd-questions@FreeBSD.ORG Tue Feb 7 13:29:15 2012 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 93AF61065740 for ; Tue, 7 Feb 2012 13:29:15 +0000 (UTC) (envelope-from steve.bertrand@gmail.com) Received: from mail-tul01m020-f182.google.com (mail-tul01m020-f182.google.com [209.85.214.182]) by mx1.freebsd.org (Postfix) with ESMTP id 5A7528FC08 for ; Tue, 7 Feb 2012 13:29:15 +0000 (UTC) Received: by obcwo16 with SMTP id wo16so11803207obc.13 for ; Tue, 07 Feb 2012 05:29:14 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=message-id:date:from:user-agent:mime-version:to:cc:subject :references:in-reply-to:content-type:content-transfer-encoding; bh=2u0/04WR5oDxUT8NZbANaZd/ZZVE0n3DjcqU9QD7+kM=; b=jgHBGHr46yqOcL0C5YjfEf1cAv4l57tblmuQklKv/LbjNukcn3GzOE4qE8zKo5Fzwk AkXiQMHgyS5QqoRxkwlBs3qnoF0R6fgBpPQXJDdI4K8omU53JCzpOq8zxkhL5DhDAQBy PtYYTj3ketJbyEFV4XqM23p21XuOcYdZ5ccIk= Received: by 10.50.161.231 with SMTP id xv7mr16221368igb.0.1328621354675; Tue, 07 Feb 2012 05:29:14 -0800 (PST) Received: from [192.168.1.2] (dyn-dsl-to-76-75-112-72.nexicom.net. [76.75.112.72]) by mx.google.com with ESMTPS id nq10sm13602856igc.6.2012.02.07.05.29.13 (version=SSLv3 cipher=OTHER); Tue, 07 Feb 2012 05:29:14 -0800 (PST) Message-ID: <4F31272D.7040905@gmail.com> Date: Tue, 07 Feb 2012 08:29:17 -0500 From: Steve Bertrand User-Agent: Mozilla/5.0 (Windows NT 5.1; rv:9.0) Gecko/20111222 Thunderbird/9.0.1 MIME-Version: 1.0 To: Henry Olyer References: In-Reply-To: Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit Cc: FreeBSD Mailing List Subject: Re: on hammer's, security, and centrifuges... X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 07 Feb 2012 13:29:15 -0000 On 2012.02.07 07:03, Henry Olyer wrote: > Look, I'm going to use FreeBSD as long as both it and I am around, it's > just the best choice for me, for my user's. But we need to improve > security. I'm very happy with the security and stability of FreeBSD, and praise the sec team and contributors to make it so. I've run literally hundreds of FreeBSD boxes, mostly in a busy ISP environment since 4.3, and never have been hacked after normal system protections are in place. > For now, until I remake my laptop, I'm going to disable the ath0 wireless. > > How? What's the best method to make certain that my wireless chip is > turned off? Comment out the configuration lines for the ath interface in rc.conf, or to remove it completely, recompile the kernel after removing 'device ath'. > Or is this something best accomplished with a hammer? For the overly paranoid. > Is their something I can do that would help the FBSD security people? Document how your security suggestions will rectify the problem you perceive, file PRs, then write patches. You are after all a developer :) Steve