Date: Mon, 1 Mar 2004 19:21:28 +0200 From: "Konstantinos Fotiadis" <bookman@oteglobe.net> To: "Kevin D. Kinsey, DaleCo, S.P." <kdk@daleco.biz>, <bookman@oteglobe.net> Cc: freebsd-security@freebsd.org Subject: RE: General Security Issues Message-ID: <DNENIGNODKCOJCLIAEICCEMJDHAA.bookman@oteglobe.net> In-Reply-To: <40436FB0.8040600@daleco.biz>
next in thread | previous in thread | raw e-mail | index | archive | help
Yeap, sendmail is down. However inetd.conf is up but it only starts the SSH daemon. Is this a problem-threat ? PS: Is this the right list for security questions or not ? Cause I got an e-mail from someone that this isn't.... best /kostas -----Original Message----- From: Kevin D. Kinsey, DaleCo, S.P. [mailto:kdk@daleco.biz] Sent: Monday, March 01, 2004 7:15 PM To: bookman@oteglobe.net Cc: freebsd-security@freebsd.org Subject: Re: General Security Issues Konstantinos Fotiadis wrote: >Greetings list, > >As a newbie to security I would like to ask any recommendation that the list >might have. >We are about to "install" a new box with 4.9 stable to the nice and innocent >internet world. :-P >The box has no services running expect apache and we telnet to it via SSH. > > So you've disabled sendmail and inetd.conf? >Main function of this box will be graphing various interfaces via rrdtool. >So, I would like to ask if there is any other precautions that I must take >in order to sleep safe at night. Should I check for any other opened ports ? > > Good idea, always ... from inside (netstat) and outside (port scanner, like nmap<?>).... >Should I do something with the kernel to be more secure ? > > A firewall is often considered a must. >I know this ain't so easy, but let's say my main scope is to get a least a >decent sleep :-) > >Kind Regards, > >Kostas > > > > I imagine this list would prefer that you send your questions to the questions@ list. I can't remember the list charter enough to know exactly *why* at the moment ... so I've made a comment or two. I imagine that if you can find no open ports, and stay on top of any changes to Apache and OpenSSH, you should have few worries --- except for the scripts that run on the webserver...which is a whole different topic, as I see it.... :-( Kevin Kinsey DaleCo, S.P.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?DNENIGNODKCOJCLIAEICCEMJDHAA.bookman>