Date: Mon, 01 Mar 2004 09:31:44 -0800 From: "Gustavo A. Baratto" <gbaratto@superb.net> To: bookman@oteglobe.net Cc: freebsd-security@freebsd.org Subject: Re: General Security Issues Message-ID: <013801c3ffb3$11515e80$6400a8c0@chivas> References: <DNENIGNODKCOJCLIAEICCEMJDHAA.bookman@oteglobe.net>
next in thread | previous in thread | raw e-mail | index | archive | help
never hurts to read this: http://www.freebsd.org/doc/en_US.ISO8859-1/books/handbook/security.html why dont you run ssh standalone... I dont like inetd ----- Original Message ----- From: "Konstantinos Fotiadis" <bookman@oteglobe.net> To: "Kevin D. Kinsey, DaleCo, S.P." <kdk@daleco.biz>; <bookman@oteglobe.net> Cc: <freebsd-security@freebsd.org> Sent: Monday, March 01, 2004 9:21 AM Subject: RE: General Security Issues > > Yeap, sendmail is down. > However inetd.conf is up but it only starts the SSH daemon. Is this a > problem-threat ? > > > > PS: Is this the right list for security questions or not ? Cause I got an > e-mail from someone that this isn't.... > > best > > /kostas > > -----Original Message----- > From: Kevin D. Kinsey, DaleCo, S.P. [mailto:kdk@daleco.biz] > Sent: Monday, March 01, 2004 7:15 PM > To: bookman@oteglobe.net > Cc: freebsd-security@freebsd.org > Subject: Re: General Security Issues > > > Konstantinos Fotiadis wrote: > > >Greetings list, > > > >As a newbie to security I would like to ask any recommendation that the > list > >might have. > >We are about to "install" a new box with 4.9 stable to the nice and > innocent > >internet world. :-P > >The box has no services running expect apache and we telnet to it via SSH. > > > > > > So you've disabled sendmail and inetd.conf? > > >Main function of this box will be graphing various interfaces via rrdtool. > >So, I would like to ask if there is any other precautions that I must take > >in order to sleep safe at night. Should I check for any other opened ports > ? > > > > > > Good idea, always ... from inside (netstat) and outside > (port scanner, like nmap<?>).... > > >Should I do something with the kernel to be more secure ? > > > > > A firewall is often considered a must. > > >I know this ain't so easy, but let's say my main scope is to get a least a > >decent sleep :-) > > > >Kind Regards, > > > >Kostas > > > > > > > > > > I imagine this list would prefer that you send your > questions to the questions@ list. I can't remember > the list charter enough to know exactly *why* at > the moment ... so I've made a comment or two. > > I imagine that if you can find no open ports, and stay > on top of any changes to Apache and OpenSSH, > you should have few worries --- except for the scripts > that run on the webserver...which is a whole different > topic, as I see it.... :-( > > Kevin Kinsey > DaleCo, S.P. > > > _______________________________________________ > freebsd-security@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-security > To unsubscribe, send any mail to "freebsd-security-unsubscribe@freebsd.org" >
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?013801c3ffb3$11515e80$6400a8c0>