Date: Wed, 10 May 2000 14:34:43 +0200 From: Marc Silver <marcs@draenor.org> To: Andy Coates <andy@friends-tv.net> Cc: FreeBSD Questions <freebsd-questions@freebsd.org> Subject: Re: Making by box "non rootable" Message-ID: <20000510143443.J1470@draenor.org> In-Reply-To: <000b01bfb9a3$e960b460$0100a8c0@blade>; from andy@friends-tv.net on Tue, May 09, 2000 at 11:46:59AM %2B0100 References: <000b01bfb9a3$e960b460$0100a8c0@blade>
next in thread | previous in thread | raw e-mail | index | archive | help
Take a look at: http://www.freebsd.org/handbook/security.html Cheers, Marc On Tue, May 09, 2000 at 11:46:59AM +0100, Andy Coates wrote: > Hi, > > I will be shortly putting my FreeBSD3.4-STABLE machine on the net, and will > be giving various people user accounts. > > Can anyone give me a list of, or a website with, the most common ways > "hackers" gain root, and most importantly ways on stopping them. The main > services I will be running are Apache, MySQL, FTP, Qmail - all of which are > recent versions, and hopefully none of those have exploits. > > I'm hopefully not stupid, and I'd like to think I have everything covered - > but if someone did gain root, is there a way that I can tell this from the > logs? Or would they just delete those entries anyway? Maybe some other > logging program? > > My main worry is that they could wipe everything - and not having any backup > tapes or anything REALLY would upset me. > I also keep a close eye on Bugtraq - is this the best way to keep informed > and watch out for any new exploits that I can quickly take care of? > > TIA, > Andy. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20000510143443.J1470>