Date: Tue, 3 Feb 1998 21:37:05 +0000 From: "bahwi" <bahwi@cityscope.net> To: sporkl@dti.net Subject: Re: Security Message-ID: <199802040345.VAA06148@cs1.cityscope.net> In-Reply-To: <Pine.BSF.3.96.980203222617.5335A-100000@mental>
next in thread | previous in thread | raw e-mail | index | archive | help
> If I were to let other people have telnet access to my machine, what > would be a prudent number of security precautions to take? Big question. (IMO) 1. Change the root password weekly, or every couple of days. 2. Disable the r* services, don't let people do that to you. 3. Shadow the password file(Can you do that in FreeBSD? I wonder) 4. Run a password cracking utility on YOUR own password file(NEVER on someone else's without their written permission) Make sure your users don't have simple passwords. Even the best security on a password file cannot prevent someone else from getting the file. 5. Check out http://www.rootshell.com/ and find everything you can. 6. Diallow rlogin and rsh and the other r* services. 7. Runs COPS(a port is available) and SATAN(SANTA for those who find it offensive) 8. Become Paranoid. Perhaps I overdid it a bit, but I am paranoid without running a server(yet). Hope this helps. -bahwi email- bahwi@technologist.com ICQ Name: bahwi UIN: 3328936 iChat Name: bahwi -EOF
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199802040345.VAA06148>