Date: Fri, 30 Oct 1998 11:30:51 +0100 From: Eivind Eklund <eivind@yes.no> To: Nik Clayton <nik@nothing-going-on.demon.co.uk>, "Carlos C. Tapang" <ctapang@easystreet.com>, freebsd-current@FreeBSD.ORG Subject: Re: Plugging a FreeBSD server to the net: need advice Message-ID: <19981030113051.46830@follo.net> In-Reply-To: <19981029224704.64945@nothing-going-on.org>; from Nik Clayton on Thu, Oct 29, 1998 at 10:47:04PM %2B0000 References: <003401be036e$086894b0$0d787880@apex> <19981029224704.64945@nothing-going-on.org>
next in thread | previous in thread | raw e-mail | index | archive | help
On Thu, Oct 29, 1998 at 10:47:04PM +0000, Nik Clayton wrote: > On Thu, Oct 29, 1998 at 10:57:52AM -0800, Carlos C. Tapang wrote: > > Is FreeBSD.ORG behind a firewall? > > Yes. As far as I know, this is incorrect. I'm not able see it with traceroute, at least, and there isn't anything that look like one... > > If it's not, then my server probably does > > not need to be behind a firewall. (I am paranoid about malignant attacks, > > but if FreeBSD.ORG can survive, so should my server.) > > Be paranoid. Firewall. Only allow access to ports you know about. Drop > packets from 'unroutable' nets immediately (10/8, 172.16/16, 192.168/16). > Log odd connections to either a seperate machine, or (better yet) to a > line printer somewhere. Install tcp_wrappers from the ports, and wrap > services. This is always good advice. And don't run more services than you _absolutely_ need. Eivind. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-current" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?19981030113051.46830>