Date: Tue, 13 Oct 1998 18:08:55 +0100 From: Ben Smithurst <ben@scientia.demon.co.uk> To: Chan <bsd@capgemini.com.sg> Cc: "freebsd-questions@FreeBSD.ORG" <freebsd-questions@FreeBSD.ORG> Subject: Re: security Message-ID: <19981013180855.D945@scientia.demon.co.uk> In-Reply-To: <36234779.50CEBB96@capgemini.com.sg> References: <36234779.50CEBB96@capgemini.com.sg>
next in thread | previous in thread | raw e-mail | index | archive | help
Chan wrote: > I wonder if it's safe to put a FreeBSD on the internet? uh, I think so. wcarchive.cdrom.com runs FreeBSD. As do I of course, though my machine is not permanently connected, so the only intruders I get are morons trying to post shit through my news server. ipfw and nnrp.access are your friend there. (I prefer ipfw, saves a DNS lookup and starting an nnrpd process for each fuckwit spammer.) > Do I need to tighten any things on it? Can I change root to some > other names? By default, root cannot login remotely. You'll have to login as yourself, and use su to become root (you must be in group wheel to su to root). I can't see a reason why uid 0 _must_ be called root, though I wouldn't be surprised if lots of things expect it, so I wouldn't change it. > If I disable telnet, can intruders still execute commands by telneting > to other ports? No. Well, I'd hope not. (they should try and get in via ssh if you have sshd running, but that is not installed by default. And choose a password that's hard to guess, of course.) > compare to NT, which is more secure? I don't think I need to answer that question, I think you know the answer perfectly well yourself. -- Ben Smithurst ben@scientia.demon.co.uk To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?19981013180855.D945>