From: "greg@grokking.org"
To: freebsd-questions@freebsd.org
Subject: Re: messages from dhclient
Date: Sun, 17 Apr 2005 08:14:31 -0700
Message-Id: <1113750871.9286.7.camel@chomsky.sohotech.ca>
In-Reply-To: <200504171703.46362.joost@amiculus.com>

On Sun, 2005-04-17 at 17:03 +0200, Joost van Dijk wrote:
> > Don't turn off the firewall.
> > etc...
>
> > Depends on what your network configuration is. If you are sitting behind
> > an ethernet ADSL router, you're probably OK, since those usually come
> > with a firewall and NAT built-in. If you don't have one of those, you
> > would be wise to firewall all the systems that are in direct contact
> > with the Internet. IMHO making an unfirewalled box directly accessible
> > from the internet is an accident waiting to happen.
> >
> > If you cannot set up a firewall, at least disable all unneeded
> > services. E.g. disable sendmail if you don't need it. That will minimize
> > the chances of your boxen being h4x0r3d. :-)
>
> Roland and Bob
>
> I have glass fiber (100 MB/sec) that comes through one router which is not a
> NAT and has no firewall built in. I have been told that this is one hop from
> the backbone. I have attached the glass fiber to a modem, which gives me
> eight 10 MB/sec ethernet outlets. The modem is dumb and contains no firewall.
> That puts my computer two unprotected hops from the backbone (if I understand
> this correctly).
>
> One could say that I am exposed, without risking great exaggeration. But that
> doesn't matter, because there is really nothing on the machine. I am only
> using it to learn on.

Hate to be the one to break it to you but YOUR privacy is probably the
least important concern (though I mean no offence by this statement). If
you have this kind of connectivity, I'd be more concerned with what a
potential attacker could do to OTHERS using YOUR compromised host. Also,
you should be picking up on the potential legal ramifications suggested
by this...

>
> What does IMHO mean?

In My Humble Opinion.

>
> What does h4x0r3d mean?

It's script-kiddie jargon for "hacked" (i.e. compromised, in more polite
terms).

G