Date: Thu, 14 Jul 2005 00:15:13 +0200 From: Roland Smith <rsmith@xs4all.nl> To: alexandre.delay@free.fr Cc: freebsd-questions@freebsd.org Subject: Re: securing FreeBSD Message-ID: <20050713221513.GB94944@slackbox.xs4all.nl> In-Reply-To: <1121252743.42d4f587ada2c@imp4-q.free.fr> References: <1121252743.42d4f587ada2c@imp4-q.free.fr>
next in thread | previous in thread | raw e-mail | index | archive | help
--aM3YZ0Iwxop3KEKx Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Wed, Jul 13, 2005 at 01:05:43PM +0200, alexandre.delay@free.fr wrote: > I would like to secure my FreeBSD server. > I don't want anyone to be able to access to the disk using a bootable > CD (or by setting the actual hdd to secondary and plug an other > primary hdd). Put the machine in a locked cabinet (which should have enough ventilation holes). The cabinet should be bolted to the floor or the wall. How sturdy the cabinet needs to be depends on what kind of attack it should withstand, and for how long... > I just don't want anyone to be able to hack this box nor any password. Disable all unneeded services and accounts. Allow root login from the console only. If you have physical access, disallow remote login entirely. Use long random passwords. Keep on top of security updates. Install intrusion detection systems. Roland --=20 R.F.Smith (http://www.xs4all.nl/~rsmith/) Please send e-mail as plain text. public key: http://www.xs4all.nl/~rsmith/pubkey.txt --aM3YZ0Iwxop3KEKx Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.1 (FreeBSD) iD8DBQFC1ZJxEnfvsMMhpyURAp5DAJ92lh7dBsAHPOezfHXHX+5t4Rrj7gCdE82m rGL7Rw4TSVta2ocQSC0ksKI= =8c3K -----END PGP SIGNATURE----- --aM3YZ0Iwxop3KEKx--
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20050713221513.GB94944>