Date: Sun, 27 May 2001 09:34:39 -0400 From: Bill Moran <wmoran@iowna.com> To: Jorge Biquez <jbiquez@icsmx.com> Cc: freebsd-questions@FreeBSD.ORG Subject: Re: Advice on ISP services Please. Message-ID: <3B11026F.5FAE902F@iowna.com> References: <5.0.2.1.2.20010526230146.01c50350@icsmx.com>
next in thread | previous in thread | raw e-mail | index | archive | help
There's been some excellent advice from others, so I'm not going to repeat it all, just add to it: Jorge Biquez wrote: > - How to restrict the access of FTP to only the specified directory of the > user. And that they can not see other users directories. Look in "man ftpd" for the section on /etc/ftpchroot Basically, any user name you put in this file will be restricted to their home directory. But read the man page. > - How to implement quotas with FTP so users only can have a limit on space. Use the FreeBSD disk quota system. "man quota" to start reading. I believe there are sections in the handbook as well. > - How to avoid users have access to telnet services. 1. Disable telnet in /etc/inetd.conf 2. Use ssh instead 3. Change shells to "nologin" for users you don't want to be able to ssh. > - How to avoid that a script of a user can consume lot of resources and > could crash the machine. Use login classes. "man login.conf" is a good place to start reading, also the applicable section of the handbook. > Mail servers are run on other machine as well as DNS. > What other important points am I missing? Firewalling, maybe (you may or may not need it) Also, consider running a proxy, such as Squid. It's not a security issue, but it will improve performance. -Bill To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?3B11026F.5FAE902F>