Date: Sat, 22 Sep 2001 04:55:13 +0200 (SAST) From: The Psychotic Viper <psyv@sec-it.net> To: Chip <chip@wiegand.org> Cc: <freebsd-questions@FreeBSD.ORG> Subject: Re: security and firewall Message-ID: <20010922044111.B39981-100000@lucifer.fuzion.ath.cx> In-Reply-To: <01092117533704.84922@chip.wiegand.org>
next in thread | previous in thread | raw e-mail | index | archive | help
Hi, On Fri, 21 Sep 2001, Chip wrote: > I have a fbsd 4.0 box running nothing but natd/ipfw, and it appears to be > fairly secure - I ran nmap against it from another fbsd box outside my > network and it shows only the sunrpc port 111 open. I have added to my ipfw > rules a rule that explicity denies port 111. I have also disabled inetd and > yet get the following udp ports showing as open - 111, 514, 520. ok firstly do you need 111 open? If not close it down via portmap_enable="NO" in /etc/rc.conf , and syslogd_flags="-ss" in the same file closes 514. Dont know off hand what would be using 520 but lsof or sockstat should tell you and then trace it down and stop it if needed. > Now my question - Just what can I do to tighten my security? To make sure my > machine isn't used as a relay, or just general protection? Is there some web > pages that cover this basic security stuff someone can point me to? Try these as they are good starting points, old faithful man security ; http://www.daemonnews.org/200108/security_overview.html http://www.daemonnews.org/200108/security-howto.html http://www.daemonnews.org/200102/armoring.html http://www.freebsd.org/~jkb/howto.html http://www.schlacter.dyndns.org/public/FreeBSD-STABLE_and_IPFILTER.html HTH PsyV To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20010922044111.B39981-100000>