From owner-freebsd-questions  Wed Apr 24 22:41:36 2002
Delivered-To: freebsd-questions@freebsd.org
Received: from russian-caravan.cloud9.net (russian-caravan.cloud9.net [168.100.1.4])
	by hub.freebsd.org (Postfix) with ESMTP id 9533F37B425
	for <FreeBSD-Questions@FreeBSD.Org>; Wed, 24 Apr 2002 22:41:32 -0700 (PDT)
Received: from earl-grey.cloud9.net (earl-grey.cloud9.net [168.100.1.1])
	by russian-caravan.cloud9.net (Postfix) with ESMTP
	id 3D9A828B9B; Thu, 25 Apr 2002 01:41:32 -0400 (EDT)
Date: Thu, 25 Apr 2002 01:41:32 -0400 (EDT)
From: Peter Leftwich <Hostmaster@Video2Video.Com>
X-X-Sender:  <pete@earl-grey.cloud9.net>
To: VB <dreck@getnet.com>
Cc: FreeBSD LIST <FreeBSD-Questions@FreeBSD.Org>
Subject: Re: security patching
In-Reply-To: <20020424183703.A365@sunny.localdomain>
Message-ID: <20020425013758.R8593-100000@earl-grey.cloud9.net>
Organization: Video2Video Services - http://Www.Video2Video.Com
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Sender: owner-freebsd-questions@FreeBSD.ORG
Precedence: bulk
List-ID: <freebsd-questions.FreeBSD.ORG>
List-Archive: <http://docs.freebsd.org/mail/> (Web Archive)
List-Help: <mailto:majordomo@FreeBSD.ORG?subject=help> (List Instructions)
List-Subscribe: <mailto:majordomo@FreeBSD.ORG?subject=subscribe%20freebsd-questions>
List-Unsubscribe: <mailto:majordomo@FreeBSD.ORG?subject=unsubscribe%20freebsd-questions>
X-Loop: FreeBSD.ORG

On Wed, 24 Apr 2002, VB wrote:
> I just installed 4.4 release, and cvsupped right away.  I want to port upgrade ***all and only*** those ports which pertain to security. How do I know which ports exist because they improve the integrity of my system versus which ports exist only because they add new, non-security-related, features?  (WHen I say "security" here, I am not talking about nmap and tripwire, I am talking about holes in my system.) Thank you, -VB

(erg, I wish I knew the difference between cvsupping and port upgrading
"right away!"  *grin*)

My advice would include ~ Subscribe to Security@FreeBSD.Org and keep a
tight system.  There shouldn't be any "holes" on your system;  Have you
found one or some, or do you suspect that some exist?  You can close a lot
of ports using /etc/inetd.conf and being wary about which daemons and
binaries happen to be running at any given time.  Hope this helps,

--
Peter Leftwich
President & Founder
Video2Video Services
Box 13692, La Jolla, CA, 92039 USA
+1-413-403-9555


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-questions" in the body of the message