Date: Sat, 9 May 1998 11:25:17 +1000 (EST) From: Nicholas Charles Brawn <ncb05@uow.edu.au> To: Sanjit Roy <fiber@phy.iitkgp.ernet.in> Cc: freebsd-security@FreeBSD.ORG Subject: Re: how safe is FreeBSD 2.2.5 Message-ID: <Pine.SOL.3.96.980509111221.8493A-100000@banshee.cs.uow.edu.au> In-Reply-To: <3553963E.F2C5DE6@phy.iitkgp.ernet.in>
next in thread | previous in thread | raw e-mail | index | archive | help
[moving this to freebsd-security] On Sat, 9 May 1998, Sanjit Roy wrote: > I need some advise regarding the security level in FreeBSD. Lately, a > lot of students in my university campus have been into hacking activity. > I have a Linux (kernel 1.2.8) system on one of my mail gateways and it's > a piece of cake becoming 'root' on that machine. I immediately need to > upgrade that to either REDHAT Linux 5.0 or FreeBSD 2.2.5. I have both > the flavours of unix available with me. > > What I want to know is : > > 1. which of the two is more secure? As always this is a debatable topic. What it comes down to is the security features incorporated and/or available with the OS, the attitude of the developers to fixing bug and or security problems, and above all, the skill of the person administrating the machine (in securing it). I think you should go with FreeBSD. :) > 2. Is shadow util really effective in Linux. Don't know if there's one > in FreeBSD? Haven't used linux in a while so I couldn't help you there. But FreeBSD has shadowing incorporated from the get-go. The two files, or rather four(?) you have in FreeBSD are: /etc/passwd (shadowed). /etc/master.passwd (root-only readable file with the password's md5'd). /etc/pwd.db (something I haven't really looked into, but it contains gecos-related information). /etc/spwd.db (root-only readable file containing information similar to above but also password strings). > 3. what do i have to do/install to make my system secure i.e, what are > the available patches and where do i get them? ftp://ftp.freebsd.org/pub/FreeBSD/CERT. > > Hoping to hear from you soon. > Sanjit. > fiber@phy.iitkgp.ernet.in > regards, Nicholas Brawn -- Email: ncb05@uow.edu.au - DE 30 33 D3 16 91 C8 8D A7 F8 70 03 B7 77 1A 2A http://rabble.uow.edu.au/~nick - public key available on request. Nicholas Brawn - Computer Science Undergraduate, University of Wollongong. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.SOL.3.96.980509111221.8493A-100000>