Skip site navigation (1)Skip section navigation (2) 
Date:      Fri, 2 Nov 2001 08:51:21 -0600
From:      "Scott Gerhardt" <scott@gerhardt-it.com>
To:        "Anthony Atkielski" <anthony@atkielski.com>, "FreeBSD Questions" <freebsd-questions@FreeBSD.ORG>
Subject:   RE: Lockdown of FreeBSD machine directly on Net
Message-ID:  <KPEMLBLEMPMHGLJOCDEGOECECMAA.scott@gerhardt-it.com>
In-Reply-To: <003e01c16364$262d7fc0$0a00000a@atkielski.com>
next in thread | previous in thread | raw e-mail | index | archive | help 
If you are the only administrator this isn't too bad, but still not
recommended.  If you have several administrators logging in from time to
time, you are better off logging in as yourself first and 'su' to root.
That way there is record in the logs as to who did what.





   > -----Original Message-----
   > From: owner-freebsd-questions@FreeBSD.ORG
   > [mailto:owner-freebsd-questions@FreeBSD.ORG]On Behalf Of Anthony
   > Atkielski
   > Sent: November 2, 2001 12:04 AM
   > To: FreeBSD Questions
   > Subject: Lockdown of FreeBSD machine directly on Net
   >
   >
   > Is there anything special I need to do to secure a FreeBSD
   > system, freshly
   > installed, before putting it on the Internet (i.e., with an IP
   > address reachable
   > from the outside world)?  Is it secure against attack as
   > installed, or do I have
   > to tweak some things?
   >
   > Right now I have only ssdh, telnetd, sendmail, and inetd
   > running, with ftp
   > available (anonymous is disabled).  I am planning to install
   > Apache so that I
   > can prototype my Web site locally.  The one change I've made
   > is to allow secure
   > login for root in ttys; if there is a way of restricting root
   > logins to my other
   > machine on my LAN, I'd like to know how to do that (it will
   > never be necessary
   > to login as root from the Net).
   >
   >
   > To Unsubscribe: send mail to majordomo@FreeBSD.org
   > with "unsubscribe freebsd-questions" in the body of the message
   >


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-questions" in the body of the message

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?KPEMLBLEMPMHGLJOCDEGOECECMAA.scott>