Date: Tue, 8 Feb 2005 21:33:59 +0100 From: Anthony Atkielski <atkielski.anthony@wanadoo.fr> To: freebsd-questions@freebsd.org Subject: Re: Newbie Security Concerns Message-ID: <140493020.20050208213359@wanadoo.fr> In-Reply-To: <c5ead59.cb785457.81e0700@ms07.mrf.mail.rcn.net> References: <c5ead59.cb785457.81e0700@ms07.mrf.mail.rcn.net>
next in thread | previous in thread | raw e-mail | index | archive | help
crzdgns1@starpower.net writes: > I am a new user of UNIX and FreeBSD and have never had to do any > administration or security configuration myself before. I am running > IP Firewall on FreeBSD-5.3-RELEASE. Last night I was checking my > logs and discovered that sshd reported many illegal users. Does > that mean my system i compromised? As configured, there are only > three accounts on my system, root, toor, and one user account for > me. I suppose you need more information from me, but am not sure > what to provide. Any help would be greatly appreciated. FreeBSD is no more or less vulnerable than most other operating systems. It can be very secure if you are careful about what you run on the system, and it can be very insecure if you run everything under the sun without taking any precautions. Fortunately, there aren't as many kiddies trying to break into UNIX as there are trying to break into Windows these days, but at the same time, a majority of reported security bugs these days seem to be on Linux. A more important question is the use you intend to make of the system. A desktop system can be secured more easily than a server, because a desktop doesn't have to answer unsolicited incoming traffic from the Net, whereas a server _must_ do this, by definition. So servers always have a few doors open, whereas you can close all the doors on a desktop. The only virus infection I've ever had, ironically, was on FreeBSD, when a worm found its way into the Web server. It was a software bug, and since the HTTP port _must_ be open in order for the server to handle my Web site, I couldn't just lock things out. The worm didn't get far, though, because, when it tried to call its master, the reply from its master was blocked by my firewall. Still, that's the only virus infection I've had in decades of working on computers, as far as I can remember.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?140493020.20050208213359>