From owner-freebsd-security Thu Aug 27 04:46:15 1998 Return-Path: Received: (from majordom@localhost) by hub.freebsd.org (8.8.8/8.8.8) id EAA29921 for freebsd-security-outgoing; Thu, 27 Aug 1998 04:46:15 -0700 (PDT) (envelope-from owner-freebsd-security@FreeBSD.ORG) Received: from gjp.erols.com (alex-va-n008c079.moon.jic.com [206.156.18.89]) by hub.freebsd.org (8.8.8/8.8.8) with ESMTP id EAA29905 for ; Thu, 27 Aug 1998 04:46:10 -0700 (PDT) (envelope-from gjp@gjp.erols.com) Received: from gjp.erols.com (gjp@localhost.erols.com [127.0.0.1]) by gjp.erols.com (8.8.8/8.8.7) with ESMTP id HAA10634; Thu, 27 Aug 1998 07:45:17 -0400 (EDT) (envelope-from gjp@gjp.erols.com) X-Mailer: exmh version 2.0.1 12/23/97 To: Seppo Kallio cc: security@FreeBSD.ORG From: "Gary Palmer" Subject: Re: post breakin log (Saint/Nessus/?) In-reply-to: Your message of "Thu, 27 Aug 1998 13:04:01 +0300." <19980827130401.B546@beeblebrox.cc.jyu.fi> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Date: Thu, 27 Aug 1998 07:45:16 -0400 Message-ID: <10629.904218316@gjp.erols.com> Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org Seppo Kallio wrote in message ID <19980827130401.B546@beeblebrox.cc.jyu.fi>: > We are managing 10-20 Sun/Linux/FreeBSD nodes at cc, > AND a lot of University staff have Linux/Sun workstations. Put the staff machines behind a strong firewall/bastion host so that they can't run `services'. Without services, the machines are inpenetrable (unless your firewall box gets hacked). Then you don't have to care what they run, unless you're worried about them hacking each other :) Gary -- Gary Palmer FreeBSD Core Team Member FreeBSD: Turning PC's into workstations. See http://www.FreeBSD.ORG/ for info To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message