Date: Thu, 16 Sep 1999 17:06:01 -0500 From: TrouBle <trouble@hackfurby.com> To: mcglk@serv.net, "questions@freebsd.org" <questions@freebsd.org> Subject: Re: A brief tutorial on closing the barn doors? Message-ID: <37E169C8.584A83D3@hackfurby.com> References: <87g10f29rl.fsf_-_@ralf.serv.net>
next in thread | previous in thread | raw e-mail | index | archive | help
first comment out all uneeded services in /etc/inetd.conf then HUP inetd ps uax look for the inetd process id, then kill -HUP process id install exim or postfix for mail, lookk in /usr/ports/mail/exim instead of old sendmail if you run it... kill services from startup that you dont need, ie... named, amd, nfs, samba etc.. etc.... then install ssh and ssh2, both in the ports tree under /usr/ports/security/ssh and /usr/ports/security/ssh2 also install tripwire and tcp_wrappers, setup /etc/hosts.allow and /etc/hosts.deny properly install nmap, swatch, tripwire and any other security tools you wish thats a start for you... also look at drawbridge.tamu.edu you may want to install a firewall.... Thanks in Advance hope this helps Scott V. Kamp Network Security Analyst PS if you require more info, just mail me Ken McGlothlen wrote: > As time goes on, my general lassez-faire attitude toward system security in the > home is gradually changing. In the face of 24/7 net connections, I'm beginning > to think that the free Uni distributions should default to "nothing open." > > They don't, of course---not yet, anyway. > > So the time has come where I need to close up the box. I still want port 80 > open, and a couple of others. I need to be able to do a remote login. But > that's pretty much it; the rest I'd like to configure on an as-needed basis. > I'd also like to log all the sniffing it receives. > > So where do I start? I have a FreeBSD box hanging off a DSL connection. Where > do I look for information on how to start locking the doors? > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-questions" in the body of the message To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?37E169C8.584A83D3>