Date: Sun, 11 Nov 2001 04:13:21 -0700 (MST) From: FreeBSD user <freebsd@XtremeDev.com> To: Lord Raiden <raiden23@netzero.net> Cc: freebsd-questions@FreeBSD.ORG Subject: Re: Security trial for BSD firewall box. Message-ID: <20011111040355.D42368-100000@Amber.XtremeDev.com> In-Reply-To: <4.2.0.58.20011110111843.00949460@pop.netzero.net>
next in thread | previous in thread | raw e-mail | index | archive | help
I know almost nothing about hacking. But what little I do know, know that firewalls only play a small part in securing a server. You can have the most well written firewall rule set that allows only smtp, and it can still be hacked. Hackers root a system not through the firewall rules, but through exploitable daemons. Run an smtp daemon that is unpatched and rootable, and you're leaving yourself wide open. I'd worry more about your choice of smtp daemons and your vigilance as a system admin in keeping up with the necessary patches than about firewall rules. Or any other service daemon's you plan on providing. My 2 cents. On Sat, 10 Nov 2001, Lord Raiden wrote: > Hi all. In a couple of weeks I'm going to be putting a new firewall box > online complete with SMTP server, as soon as I get the time. The box is > completed and all I need to do is install the SMTP service and give it a > trial run. Anyone know of a good way to test this box to see if it's setup > correctly? Like maybe a group that can hammer it and see if I left any > holes in the protection? I think I got tripwire and the ip filtering and > all that setup right, but I'm not totally deathly sure. Anyone got any > ideas? I don't want to leave the SMTP server vulnerable to spammers > either. So I'm totally game to any ideas you guys have. I'm using FreeBSD > 4.3 stable as my platform. > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-questions" in the body of the message > > > To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20011111040355.D42368-100000>