From owner-freebsd-questions@FreeBSD.ORG Wed May 10 17:55:18 2006 Return-Path: X-Original-To: freebsd-questions@freebsd.org Delivered-To: freebsd-questions@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 3CF6316A439 for ; Wed, 10 May 2006 17:55:18 +0000 (UTC) (envelope-from fbsd@a1poweruser.com) Received: from mta10.adelphia.net (mta10.adelphia.net [68.168.78.202]) by mx1.FreeBSD.org (Postfix) with ESMTP id 9627043D46 for ; Wed, 10 May 2006 17:55:17 +0000 (GMT) (envelope-from fbsd@a1poweruser.com) Received: from barbish ([70.39.69.56]) by mta10.adelphia.net (InterMail vM.6.01.05.02 201-2131-123-102-20050715) with SMTP id <20060510175516.HVYY14145.mta10.adelphia.net@barbish>; Wed, 10 May 2006 13:55:16 -0400 From: "fbsd" To: "Jim Stapleton" , Date: Wed, 10 May 2006 13:55:11 -0400 Message-ID: MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: 7bit X-Priority: 3 (Normal) X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook IMO, Build 9.0.6604 (9.0.2911.0) In-Reply-To: <80f4f2b20605100617t3adfc57brc213c8571288727f@mail.gmail.com> X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2800.1478 Importance: Normal Cc: Subject: RE: securing beyond the handbook X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list Reply-To: fbsd@a1poweruser.com List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 10 May 2006 17:55:18 -0000 There is no difference between a dynamic and static ip address from the point of the firewall. If you felt secure before, then getting a static ip address will have no effect on that. -----Original Message----- From: owner-freebsd-questions@freebsd.org [mailto:owner-freebsd-questions@freebsd.org]On Behalf Of Jim Stapleton Sent: Wednesday, May 10, 2006 9:18 AM To: freebsd-questions@freebsd.org Subject: securing beyond the handbook I'm about to get a static IP and direct outside access for my BSD box (before it was hidden behind a firewall/NAT). I was comfortable with the level of security I've had, but with the whole "open to the outside world" setup I'll have, what would you suggest for securing it? I'll be running: Apache PHP MySQL SSH/SFTP OpenRPG (only occasionally, from a special nonpriv account) Any suggestions, any of these that you know are such huge security holes that you would absolutely demand something else be run? Any other security suggestions? Thanks, -Jim _______________________________________________ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscribe@freebsd.org"