From owner-freebsd-security Fri May 8 18:29:19 1998 Return-Path: Received: (from majordom@localhost) by hub.freebsd.org (8.8.8/8.8.8) id SAA29992 for freebsd-security-outgoing; Fri, 8 May 1998 18:29:19 -0700 (PDT) (envelope-from owner-freebsd-security@FreeBSD.ORG) Received: from wraith.cs.uow.edu.au (root@wraith.cs.uow.edu.au [130.130.64.1]) by hub.freebsd.org (8.8.8/8.8.8) with ESMTP id SAA29954 for ; Fri, 8 May 1998 18:29:06 -0700 (PDT) (envelope-from ncb05@uow.edu.au) Received: from banshee.cs.uow.edu.au (ncb05@banshee.cs.uow.edu.au [130.130.188.1]) by wraith.cs.uow.edu.au (8.9.0.Beta5/8.9.0.Beta5) with SMTP id LAA23005; Sat, 9 May 1998 11:25:19 +1000 (EST) Date: Sat, 9 May 1998 11:25:17 +1000 (EST) From: Nicholas Charles Brawn X-Sender: ncb05@banshee.cs.uow.edu.au To: Sanjit Roy cc: freebsd-security@FreeBSD.ORG Subject: Re: how safe is FreeBSD 2.2.5 In-Reply-To: <3553963E.F2C5DE6@phy.iitkgp.ernet.in> Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk [moving this to freebsd-security] On Sat, 9 May 1998, Sanjit Roy wrote: > I need some advise regarding the security level in FreeBSD. Lately, a > lot of students in my university campus have been into hacking activity. > I have a Linux (kernel 1.2.8) system on one of my mail gateways and it's > a piece of cake becoming 'root' on that machine. I immediately need to > upgrade that to either REDHAT Linux 5.0 or FreeBSD 2.2.5. I have both > the flavours of unix available with me. > > What I want to know is : > > 1. which of the two is more secure? As always this is a debatable topic. What it comes down to is the security features incorporated and/or available with the OS, the attitude of the developers to fixing bug and or security problems, and above all, the skill of the person administrating the machine (in securing it). I think you should go with FreeBSD. :) > 2. Is shadow util really effective in Linux. Don't know if there's one > in FreeBSD? Haven't used linux in a while so I couldn't help you there. But FreeBSD has shadowing incorporated from the get-go. The two files, or rather four(?) you have in FreeBSD are: /etc/passwd (shadowed). /etc/master.passwd (root-only readable file with the password's md5'd). /etc/pwd.db (something I haven't really looked into, but it contains gecos-related information). /etc/spwd.db (root-only readable file containing information similar to above but also password strings). > 3. what do i have to do/install to make my system secure i.e, what are > the available patches and where do i get them? ftp://ftp.freebsd.org/pub/FreeBSD/CERT. > > Hoping to hear from you soon. > Sanjit. > fiber@phy.iitkgp.ernet.in > regards, Nicholas Brawn -- Email: ncb05@uow.edu.au - DE 30 33 D3 16 91 C8 8D A7 F8 70 03 B7 77 1A 2A http://rabble.uow.edu.au/~nick - public key available on request. Nicholas Brawn - Computer Science Undergraduate, University of Wollongong. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe security" in the body of the message