From owner-freebsd-questions Thu Feb 22 5:23: 2 2001
Delivered-To: freebsd-questions@freebsd.org
Received: from bryden.apana.org.au (bryden.apana.org.au [203.3.126.129]) by hub.freebsd.org (Postfix) with ESMTP id B000337B491 for ; Thu, 22 Feb 2001 05:22:51 -0800 (PST) (envelope-from dougy@bryden.apana.org.au)
Received: from roadrunner (roadrunner.apana.org.au [203.3.126.132]) by bryden.apana.org.au (8.11.1/8.11.1) with SMTP id f1MDLkE57749; Thu, 22 Feb 2001 23:21:52 +1000 (EST) (envelope-from dougy@bryden.apana.org.au)
Message-ID: <00cb01c09cd2$84442ea0$847e03cb@apana.org.au>
From: "Doug Young"
To: , "Ted Mittelstaedt"
Cc: "Macrolosa" ,
References: <00dd01c09c49$494b6f40$847e03cb@apana.org.au> <004701c09cad$b8c88c40$1401a8c0@tedm.placo.com> <20010222013718.G89396@rfx-216-196-73-168.users.reflex>
Subject: Re: login-MODEM
Date: Thu, 22 Feb 2001 23:22:24 +1000
MIME-Version: 1.0
Content-Type: text/plain; charset="iso-8859-1"
Content-Transfer-Encoding: 7bit
X-Priority: 3
X-MSMail-Priority: Normal
X-Mailer: Microsoft Outlook Express 5.50.4133.2400
X-MimeOLE: Produced By Microsoft MimeOLE V5.50.4133.2400
Sender: owner-freebsd-questions@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.ORG

I don't profess to be any kind of guru, so the easiest workable solution
I could implement was to remove all non-essential services from mission
critical machines, lock those boxes down as much as possible given my
ability (or lack thereof) & then allow regular users shell access to what
Ted described as "kiddy playpens" or somesuch. That's worked far better
than the previous system where all & sundry had access of some kind to
the more mission critical machines. At least we haven't been hacked since
then whereas it used to be a regular occurrence, albeit only once or
twice a year.

I've been considering building some OpenBSD systems for the gateways ...
some seem to believe they are a better solution than FreeBSD for that
purpose.

----- Original Message -----
From: "Crist J. Clark"
To: "Ted Mittelstaedt"
Cc: "Doug Young" ; "Macrolosa" ;
Sent: Thursday, February 22, 2001 7:37 PM
Subject: Re: login-MODEM

> On Thu, Feb 22, 2001 at 12:59:10AM -0800, Ted Mittelstaedt wrote:
>
> [snip]
>
> > There's nothing to running a shell server as long as you take a few simple
> > precautions.
>
> *boggle*
>
> It is pretty much assumed that if a user can get local, he can get
> root. For recent FreeBSD examples, take the /proc holes (and there are
> probably more) used to get the webserver. OpenBSD had some chpass and
> others publicized back in October. And this is my favorite, pretty
> much EVERY SINGLE Solaris BOX IN THE WORLD has a particular local root
> exploit that has no reasonable workaround or vendor patch.
>
> > You're way overstating the security risks here. What risks?! There's nothing
> > that a user can do on a shell server that they can't do already by setting
> > up a UNIX system and dialing into us, except for screwing other users on that
> > server,
>
> And every time some kiddie nukes the server and uses your bandwidth to
> scan half the Internet for portmap, you have to fix it and get all of
> the hate mail.
>
> > Rubbish - you're making things way hard for yourself. UNIX already has
> > excellent security for this - you just need to understand it.
>
> UNIX does not have strong security. It was not originally designed for
> security. That's not to say it is not as strong or stronger than the
> other extremely popular operating systems of today, but those are very
> weak too.
> --
> Crist J. Clark cjclark@alum.mit.edu