Date: Wed, 10 May 2000 00:17:46 -0400 (EDT) From: Jerry Bell <jerry@www.bellnetworks.net> To: Andy Coates <andy@friends-tv.net> Cc: freebsd-questions@FreeBSD.ORG Subject: Re: Making by box "non rootable" Message-ID: <Pine.BSF.4.21.0005100016240.78072-100000@www.bellnetworks.net> In-Reply-To: <000b01bfb9a3$e960b460$0100a8c0@blade>
next in thread | previous in thread | raw e-mail | index | archive | help
Hello, There's a write up on hardening FreeBSD at www.syslog.org. Hope it helps. Jerry On Tue, 9 May 2000, Andy Coates wrote: > Hi, > > I will be shortly putting my FreeBSD3.4-STABLE machine on the net, and will > be giving various people user accounts. > > Can anyone give me a list of, or a website with, the most common ways > "hackers" gain root, and most importantly ways on stopping them. The main > services I will be running are Apache, MySQL, FTP, Qmail - all of which are > recent versions, and hopefully none of those have exploits. > > I'm hopefully not stupid, and I'd like to think I have everything covered - > but if someone did gain root, is there a way that I can tell this from the > logs? Or would they just delete those entries anyway? Maybe some other > logging program? > > My main worry is that they could wipe everything - and not having any backup > tapes or anything REALLY would upset me. > I also keep a close eye on Bugtraq - is this the best way to keep informed > and watch out for any new exploits that I can quickly take care of? > > TIA, > Andy. > > > > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-questions" in the body of the message > To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.BSF.4.21.0005100016240.78072-100000>