Date: Mon, 08 Apr 2002 10:54:37 -0400 From: Bill Moran <wmoran@potentialtech.com> To: Mr Munkeh <munk3h02@yahoo.co.uk> Cc: freebsd-questions@freebsd.org Subject: Re: FreeBSD Security Message-ID: <3CB1AF2D.1060506@potentialtech.com> References: <20020408144125.8556.qmail@web14406.mail.yahoo.com>
next in thread | previous in thread | raw e-mail | index | archive | help
Mr Munkeh wrote: > hi im looking for some security help on FreeBSD, im using it as a > workstation pc and not as a server so i dont want to be hosting any > services to the outside world, im using FreeBSD 4.5-STABLE and have > the following open ports: > > Port State Service > 22/tcp open ssh > in /etc/rc.conf put 'sshd_enable="NO"' > > 25/tcp open smtp > Disable sendmail completely, or at least disable the server component. (see recent discussions on sendmail on this list) > > 514/udp open syslog > Put 'syslogd_flags="-ss"' in /etc/rc.conf > > 587/tcp open submission > This will go away when you disable sendmail > > 2504/tcp open unknown > Don't know. Run "sockstat" and see what program is listening on that port, then take some time to figure out how to disable it. > how do i close all none needed ports so other people cant access them > and does anyone recommend a good firewall program thats in the ports > system? > ipfw is part of the base system. Read the man page for rc.conf for info on how to enable it, and read the man page for ipfw to learn how to configure it. /etc/rc.firewall is the file you'll want to tweak. good luck, Bill Moran To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?3CB1AF2D.1060506>