Date: Mon, 1 Mar 2004 19:34:57 +0100
From: db
To: bookman@oteglobe.net, security@freebsd.org
Message-Id: <20040301193457.0afe52e6@main.trunet.dk>
Subject: Re: General Security Issues

On Mon, 1 Mar 2004 16:48:07 +0200
"Konstantinos Fotiadis" wrote:

> The box has no services running except apache and we telnet to it via
> SSH. Main function of this box will be graphing various interfaces via
> rrdtool. So, I would like to ask if there are any other precautions
> that I must take in order to sleep safe at night. Should I check for
> any other opened ports ?

sockstat -l -4

> Should I do something with the kernel to be
> more secure ? I know this ain't so easy, but let's say my main scope
> is to get at least a decent sleep :-)

Try these ports (all under "security"):

lockdown
chkrootkit
portaudit
tripwire
snort
freebsd-update

just to name a few. Of course you should read about OpenSSH and Apache security and keep them up to date. Maybe even run sshd at some high port like 56789?

br
db
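
Added example, not part of db's message: one way to turn the `sockstat -l -4` check into a repeatable audit that flags any listener other than the two services the original poster says the box runs. The names `ALLOWED`, `unexpected_listeners` and `sample_sockstat` are hypothetical, and the sample output is constructed.

```shell
#!/bin/sh
# Added example: compare `sockstat -l -4` listeners against an allowlist.
# ALLOWED is an assumption based on the box described in the thread
# (Apache and sshd only); use sshd:56789 if sshd is moved to that port.
ALLOWED="sshd:22 httpd:80"

# Reads sockstat -l -4 output on stdin; prints one line per listener whose
# command:port pair is not in the allowlist passed as $1.
unexpected_listeners() {
    awk -v allowed="$1" '
        BEGIN { n = split(allowed, a, " "); for (i = 1; i <= n; i++) ok[a[i]] = 1 }
        NR == 1 && $1 == "USER" { next }         # skip the header row
        NF < 6 { next }                          # skip malformed lines
        {
            cmd = $2; proto = $5; addr = $6
            port = addr; sub(/^.*:/, "", port)   # text after the last colon
            host = addr; sub(/:[^:]*$/, "", host)
            key = cmd ":" port
            if (key in ok) next
            # Loopback-bound sockets are not reachable from the network,
            # but are still reported so nothing runs unnoticed.
            scope = (host ~ /^127\./) ? "loopback" : "exposed"
            printf "%s %s %s %s\n", scope, cmd, proto, addr
        }'
}

# Constructed sample output, in the column layout sockstat prints.
sample_sockstat() {
    cat <<'EOF'
USER     COMMAND    PID   FD PROTO  LOCAL ADDRESS         FOREIGN ADDRESS
root     sshd       412   3  tcp4   *:22                  *:*
www      httpd      530   16 tcp4   *:80                  *:*
root     syslogd    301   6  udp4   *:514                 *:*
root     sendmail   455   4  tcp4   127.0.0.1:25          *:*
EOF
}

# On a live FreeBSD host: sockstat -l -4 | unexpected_listeners "$ALLOWED"
sample_sockstat | unexpected_listeners "$ALLOWED"
```

Run from cron and mailed only when the output is non-empty, this reports a new listener the first time it appears.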