Date: Wed, 20 Feb 2008 11:10:00 -0500 From: Schiz0 <schiz0phrenic21@gmail.com> To: "Zbigniew Szalbot" <zszalbot@gmail.com> Cc: freebsd-questions <freebsd-questions@freebsd.org> Subject: Re: security of a new installation / steps to take Message-ID: <8d23ec860802200810yb6d0d37t5f13edb18669054b@mail.gmail.com> In-Reply-To: <94136a2c0802200802r790ea5b1ye6f1a331b15ed6f4@mail.gmail.com> References: <94136a2c0802200802r790ea5b1ye6f1a331b15ed6f4@mail.gmail.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On Feb 20, 2008 11:02 AM, Zbigniew Szalbot <zszalbot@gmail.com> wrote: > Dear all, > > In a matter of weeks we will be moving our office "server" replacing > it with a dedicated server machine functioning at an ISP's location. I > have spoken to them and they use Fedora so they won't be able to help > me much (besides we're not really prepared to pay them for > administrative work). Obviously, I want to keep using FreeBSD so they > promised to set up a basic installation so that I can remotely connect > to the server, configure it, install userland, etc. > > So far I have had FreeBSD systems only in office so I used my hardware > firewall (Dlink DFL 700) to block access to services on ports 22, etc. > Now, at the ISP I won't be able to do this so I will need to be a lot > more careful about security issues. I am planning to make a list of > steps I need to take to configure the OS to my liking and install > applications I need. However, I would really, really love to have some > advice from you re the basic steps. > > For example, I guess I will need to make friends with pf firewall (I > did use it but not extensively due to the hardware router in place). I > will need to disallow direct (3306) access to mysql database (again pf > thing?) and the like. > > In any case, many thanks for your hints, tips, links to get started (I > actually plan to use an old box in office to test-install everything > and only then do the same remotely). I have been using FreeBSD for 1,5 > year but I know how little I know so I'm ready to learn. > > Thanks for FreeBSD and your help! > > -- > Zbigniew Szalbot For PF, see: http://www.freebsd.org/doc/en_US.ISO8859-1/books/handbook/firewalls-pf.html and http://www.openbsd.org/faq/pf/
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?8d23ec860802200810yb6d0d37t5f13edb18669054b>