From owner-freebsd-security Mon Feb 12 17:29:06 1996
Return-Path: owner-security
Received: (from root@localhost) by freefall.freebsd.org (8.7.3/8.7.3) id RAA19418 for security-outgoing; Mon, 12 Feb 1996 17:29:06 -0800 (PST)
Received: from mistery.mcafee.com (jimd@mistery.mcafee.com [192.187.128.69]) by freefall.freebsd.org (8.7.3/8.7.3) with SMTP id RAA19413 for ; Mon, 12 Feb 1996 17:29:04 -0800 (PST)
Received: (from jimd@localhost) by mistery.mcafee.com (8.6.11/8.6.9) id SAA04321 for freebsd-security@freebsd.org; Mon, 12 Feb 1996 18:29:12 -0800
From: Jim Dennis
Message-Id: <199602130229.SAA04321@mistery.mcafee.com>
Subject: tripwire, xinetd (or tcp wrappers)
To: freebsd-security@freebsd.org
Date: Mon, 12 Feb 1996 18:29:11 -0800 (PST)
X-Mailer: ELM [version 2.4 PL24]
MIME-Version: 1.0
Content-Type: text/plain; charset=US-ASCII
Content-Transfer-Encoding: 7bit
Sender: owner-security@freebsd.org
Precedence: bulk

Where can I find tripwire? How about xinetd?

I'm setting up a new server (ftp) and would like to tighten the security up a bit (so I'm not depending as heavily on my router's packet filters).

First item is I'd like to install tripwire, build its initial database, and refine its reporting/alerts before I connect the machine to the 'net. Where can I find a copy of the FreeBSD port of this? If I grab a copy from usc.edu (or wherever) is there anything special I'll have to do to compile it under FreeBSD?

Another item is that I'd like to use tcp wrappers or xinetd (again, our packet filters should prevent most problems but I'm a belt and suspenders guy when it comes to my *ix boxes).

I'm open to suggestions. I was playing with Linux tcpd on a "play" system and had trouble getting it to execute a shell command to log activity (my plan was to allow access to ALL:LOCAL and log those to a file in /var/adm so I'd have some idea what services are being used by my co-workers on this system). Just allowing or denying services seemed absurdly simple.

So: Does anyone have any compelling preferences for tcpd or xinetd? Are there any "gotch'yas" to compiling xinetd for FreeBSD (I noticed tcpd in the ports list on the 2.1.0 CD, but couldn't find tripwire or xinetd). Is xinetd faster (suffering from less process start latency) than tcpd?

I'm also interested in other monitoring and security suggestions. This particular machine (actually pair of machines) will be used for distributing files via ftp and http. I might also configure it for fsp (if I can find a suitable daemon *and* a suitable DOS|Windows|OS/2|NT|Win '95 client that can be freely distributed). Is there such a beast (free multiplatform client)? Are there any known security problems with fsp? Is there an fspd with features similar to the wu-ftpd (remote limits, group access controls, etc)?

Thanks in advance for any answers. If I can return the favor, I will.