From owner-freebsd-security  Thu Jun  3 13: 9: 8 1999
Delivered-To: freebsd-security@freebsd.org
Received: from sfmailrelay.hamquist.com (sfmailrelay2.hamquist.com [199.108.89.15])
	by hub.freebsd.org (Postfix) with SMTP id DC010159C6
	for <freebsd-security@freebsd.org>; Thu,  3 Jun 1999 13:09:03 -0700 (PDT)
	(envelope-from rchilders@hamquist.com)
Received: from 172.19.6.48 by sfmailrelay.hamquist.com with SMTP (
 WorldSecure Server SMTP Relay(WSS) v3.2 SR1); Thu, 03 Jun 99 13:08:42
 -0700
X-Server-Uuid: c29e0ff2-e8b9-11d1-a493-00c04fbbd7d3
Received: from hamquist.com ([172.19.6.230]) by sfmail.hamquist.com (
 Netscape Messaging Server 3.6) with ESMTP id AAA3B0E; Thu, 3 Jun 1999
 16:09:02 -0400
Message-ID: <3756E1C5.8C9A78CD@hamquist.com>
Date: Thu, 03 Jun 1999 13:12:53 -0700
From: "Richard Childers" <rchilders@hamquist.com>
Organization: hambrecht & quist, llc
X-Mailer: Mozilla 4.5 [en] (WinNT; I)
X-Accept-Language: en
MIME-Version: 1.0
To: "Timothy R. Platt" <timothy@hamptons.com>
Cc: <freebsd-security@freebsd.org>
Subject: Re: Shell Account system
References: <Pine.OSF.4.10.9906011139450.4443-100000@bragg>
 <v04003a00b379024eb476@[204.141.112.245]>
X-WSS-ID: 1B483F402722-01-02
Content-Type: text/plain; 
 charset=us-ascii
Content-Transfer-Encoding: 7bit
Sender: owner-freebsd-security@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.org


"Timothy R. Platt" wrote:

	"Better install a traffic logger, or better yet ipfw."

Could someone knowledgeable comment on the differences between ipfw and
SANS' SHADOW package (primarily developed on a FreeBSd platform) ?


-- richard



"Timothy R. Platt" wrote:
> 
> Install tripwire, it's in the ports.
> 
> Better install a traffic logger, or better yet ipfw.  You'll need them to
> log and report all the smurfs, fraggles, and synks you're going to get.
> 
> Tim
> 
> >Yeah, thanks, but the system is for anyone able to pay, so, you can say
> >i trust nobody.
> >
> >Kris Kennaway wrote:
> >>
> >> On Mon, 31 May 1999, Joe Gleason wrote:
> >>
> >> [Snip]
> >>
> >> Good advice, but running a shell account for people who you don't really
> >>trust
> >> is still not a wise move for the inexperienced, and not something you can
> >> easily document in a webpage. UNIX security is a way of life - there are any
> >> number of things which the unwary can trip over which could potentially
> >> compromise your machine.
> >>
> >> If it's for a small group of users who you trust fairly well, you
> >> probably should be okay, though.
> >
> >
> >To Unsubscribe: send mail to majordomo@FreeBSD.org
> >with "unsubscribe freebsd-security" in the body of the message
> 
> To Unsubscribe: send mail to majordomo@FreeBSD.org
> with "unsubscribe freebsd-security" in the body of the message



To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message