From owner-freebsd-isp Thu Nov 30 1: 1:11 2000 Delivered-To: freebsd-isp@freebsd.org Received: from christel.heitec.net (christel.heitec.net [193.101.232.3]) by hub.freebsd.org (Postfix) with ESMTP id 5CDCD37B401 for ; Thu, 30 Nov 2000 01:01:09 -0800 (PST) Received: from tashi.admin.er.heitec.net (paladin.heitec.net [193.101.232.30]) by christel.heitec.net (Postfix) with ESMTP id 28AE9354813 for ; Thu, 30 Nov 2000 10:06:58 +0100 (CET) Received: by tashi.admin.er.heitec.net (Postfix, from userid 1000) id 1498B1DE1; Thu, 30 Nov 2000 10:02:56 +0100 (CET) Date: Thu, 30 Nov 2000 10:02:56 +0100 To: freebsd-isp@freebsd.org Subject: Re: Danger Ports Message-ID: <20001130100255.A793@heitec.net> Mail-Followup-To: freebsd-isp@freebsd.org References: Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.2.5i In-Reply-To: ; from jon_slivko@simphost.com on Wed, Nov 29, 2000 at 18:23:54 -0700 Organization: Heitec AG From: lenz@heitec.net (Lenz Gschwendtner) Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org Hi Jonathan, On Wed, 29 Nov 2000, Jonathan M. Slivko wrote: > Can someone tell me what are the "danger" ports on FreeBSD, ports that > perhaps need to be blocked because they are insecure? I would like to know > so in the future, I can prevent outside attacks and concentrate more on > internal attacks, or "insider jobs" as they're called. in your case i would start with the freebsd handbook chapter 8 security then man security, man ipfw, man ipfilter. it has absoloutly no sense to copy some firewall scripts from somewhere if you don't understand what they are doing and why. further is there no sense to concentrate on internal attacks if can't even master the externel ones! cheers lenz -- (__) eat penguins instead, they start to (++)-----i\ spread around anyway! ~~| BSE | * |_|~|_| FreeBSD Systemadministrator To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message