Date: Sat, 16 Jun 2001 11:29:39 -0800 From: Beech Rintoul <akbeech@anchoragerescue.org> To: "Dave Atkins" <dave@atkinshome.com>, <freebsd-questions@FreeBSD.ORG> Subject: Re: a single resource for small network basic security considerations Message-ID: <01061611293900.04840@galaxy.anchoragerescue.org> In-Reply-To: <000701c0f68e$20cdefd0$0300a8c0@dave> References: <000701c0f68e$20cdefd0$0300a8c0@dave>
next in thread | previous in thread | raw e-mail | index | archive | help
On Saturday 16 June 2001 09:59, Dave Atkins wrote:
> Sorry, I should stop posting before people start telling me to RTFM...but
> this list is the most helpful resource I have been able to find.
>
> Is there a good online resource which goes into step-by-step detail about
> how to set up and protect a small network--for example for a small startup
> company?
>
> I have found tons of information, scattered all over the place, but no good
> single resource.
>
> Here is the outline for what I believe would be the topics needed. I don't
> expect people to answer these questions on this list, but if you have good
> links and send them to me (dave@atkinshome.com), I will compose a
> comprehensive article and repost it--or at least a link to a url. My
> question for this list is whether someone else has already done this?
>
> 1) basic network architecture
> how to set up a firewall machine
> how to enable NAT including real IP to private IP aliasing
> how to use ifpw to write rules that provide best security - and the
> consequences of each rule
> how to set up dhcp to provide addressing for the internal network and how
> to deal with static ips
> how to lock down the firewall machine by disabling vulnerable services
> and setting system security
> how can I monitor attempted intrusions?
>
> 2) enabling the internal network
> Mail: what is most secure smtp strategy? (and howto do it)
> bastion host outside firewall relaying to internal mail server or just
> open a port to the internal server?
> how do I prevent my mail server from becoming a spam relay?
> latest sendmail config tweaks?
> server configuration/security above and beyond packet filtering
> covered above?
> DNS configuration
> I run my own DNS...should I poke a hole in the firewall or protect my
> servers as best I can and leave them outside the firewall?
> How do I handle DNS for the internal network, given that I have these
> external DNS servers going too?
>
>
>
>
> To Unsubscribe: send mail to majordomo@FreeBSD.org
> with "unsubscribe freebsd-questions" in the body of the message
--
-------------------------------------------------------------------
Beech Rintoul - IT Manager - Instructor - akbeech@anchoragerescue.org
/"\ ASCII Ribbon Campaign | Anchorage Gospel Rescue Mission
\ / - NO HTML/RTF in e-mail | P.O. Box 230510
X - NO Word docs in e-mail | Anchorage, AK 99523-0510
/ \ -----------------------------------------------------------------
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?01061611293900.04840>