Date: Thu, 11 May 2006 01:43:42 -0400 From: "David Stanford" <dthomas53@gmail.com> To: "Jim Stapleton" <stapleton.41@gmail.com> Cc: freebsd-questions@freebsd.org Subject: Re: securing beyond the handbook Message-ID: <f2c91f770605102243p7f436695o84ca19b4a15548d6@mail.gmail.com> In-Reply-To: <80f4f2b20605102022m52ad9b27jd27903e7997fa782@mail.gmail.com> References: <80f4f2b20605100617t3adfc57brc213c8571288727f@mail.gmail.com> <MIEPLLIBMLEEABPDBIEGGEKCHGAA.fbsd@a1poweruser.com> <80f4f2b20605102022m52ad9b27jd27903e7997fa782@mail.gmail.com>
next in thread | previous in thread | raw e-mail | index | archive | help
Jim, I'm currently reading Mastering FreeBSD and OpenBSD Security, and thus far it is proving to be a fantastic book covering many advanced security topics specifically related to BSD. I suggested you order a copy from Amazon<http://www.amazon.com/gp/product/0596006268/qid=3D1147325988/sr=3D1-= 1/ref=3Dsr_1_1/102-5661269-0811354?s=3Dbooks&v=3Dglance&n=3D283155>; it's well worth the time... -David On 5/10/06, Jim Stapleton <stapleton.41@gmail.com> wrote: > > Rephrase: > > I have 5 static IPs > currently 1 is being used to "power" the NAT for all the machines > inside the network, the other 4 are empty. > > I'm getting one of those 4 remaining, and having it point directly to > my BSD machine. > > > > On 5/10/06, fbsd <fbsd@a1poweruser.com> wrote: > > There is no difference between a dynamic and static ip > > address from the point of the firewall. > > > > If you felt secure before, then getting a static ip > > address will have no effect on that. > > > > -----Original Message----- > > From: owner-freebsd-questions@freebsd.org > > [mailto:owner-freebsd-questions@freebsd.org]On Behalf Of Jim > > Stapleton > > Sent: Wednesday, May 10, 2006 9:18 AM > > To: freebsd-questions@freebsd.org > > Subject: securing beyond the handbook > > > > > > I'm about to get a static IP and direct outside access for my BSD > > box > > (before it was hidden behind a firewall/NAT). I was comfortable with > > the level of security I've had, but with the whole "open to the > > outside world" setup I'll have, what would you suggest for securing > > it? > > > > I'll be running: > > Apache > > PHP > > MySQL > > SSH/SFTP > > OpenRPG (only occasionally, from a special nonpriv account) > > > > Any suggestions, any of these that you know are such huge security > > holes that you would absolutely demand something else be run? > > > > Any other security suggestions? > > > > Thanks, > > -Jim > > _______________________________________________ > > freebsd-questions@freebsd.org mailing list > > http://lists.freebsd.org/mailman/listinfo/freebsd-questions > > To unsubscribe, send any mail to > > "freebsd-questions-unsubscribe@freebsd.org" > > > > > _______________________________________________ > freebsd-questions@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-questions > To unsubscribe, send any mail to " > freebsd-questions-unsubscribe@freebsd.org" >
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?f2c91f770605102243p7f436695o84ca19b4a15548d6>