From owner-freebsd-security@FreeBSD.ORG Mon Mar 1 09:22:37 2004 Return-Path: Delivered-To: freebsd-security@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 11C9816A4CE for ; Mon, 1 Mar 2004 09:22:37 -0800 (PST) Received: from mail.oteglobe.net (ns1.oteglobe.net [62.75.2.140]) by mx1.FreeBSD.org (Postfix) with ESMTP id CFB5143D4C for ; Mon, 1 Mar 2004 09:22:35 -0800 (PST) (envelope-from bookman@oteglobe.net) Received: from bookmanlaptop (trilluser@[172.21.62.26]) by mail.oteglobe.net (8.11.7/8.11.7) with SMTP id i21HLd602226; Mon, 1 Mar 2004 19:21:39 +0200 (EET) From: "Konstantinos Fotiadis" To: "Kevin D. Kinsey, DaleCo, S.P." , Date: Mon, 1 Mar 2004 19:21:28 +0200 Message-ID: MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-7" Content-Transfer-Encoding: 7bit X-Priority: 3 (Normal) X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook IMO, Build 9.0.2416 (9.0.2910.0) In-Reply-To: <40436FB0.8040600@daleco.biz> X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2800.1106 Importance: Normal cc: freebsd-security@freebsd.org Subject: RE: General Security Issues X-BeenThere: freebsd-security@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list Reply-To: bookman@oteglobe.net List-Id: Security issues [members-only posting] List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 01 Mar 2004 17:22:37 -0000 Yeap, sendmail is down. However inetd.conf is up but it only starts the SSH daemon. Is this a problem-threat ? PS: Is this the right list for security questions or not ? Cause I got an e-mail from someone that this isn't.... best /kostas -----Original Message----- From: Kevin D. Kinsey, DaleCo, S.P. [mailto:kdk@daleco.biz] Sent: Monday, March 01, 2004 7:15 PM To: bookman@oteglobe.net Cc: freebsd-security@freebsd.org Subject: Re: General Security Issues Konstantinos Fotiadis wrote: >Greetings list, > >As a newbie to security I would like to ask any recommendation that the list >might have. >We are about to "install" a new box with 4.9 stable to the nice and innocent >internet world. :-P >The box has no services running expect apache and we telnet to it via SSH. > > So you've disabled sendmail and inetd.conf? >Main function of this box will be graphing various interfaces via rrdtool. >So, I would like to ask if there is any other precautions that I must take >in order to sleep safe at night. Should I check for any other opened ports ? > > Good idea, always ... from inside (netstat) and outside (port scanner, like nmap).... >Should I do something with the kernel to be more secure ? > > A firewall is often considered a must. >I know this ain't so easy, but let's say my main scope is to get a least a >decent sleep :-) > >Kind Regards, > >Kostas > > > > I imagine this list would prefer that you send your questions to the questions@ list. I can't remember the list charter enough to know exactly *why* at the moment ... so I've made a comment or two. I imagine that if you can find no open ports, and stay on top of any changes to Apache and OpenSSH, you should have few worries --- except for the scripts that run on the webserver...which is a whole different topic, as I see it.... :-( Kevin Kinsey DaleCo, S.P.