Date: Sat, 26 Jul 2003 19:33:08 +0200 From: "Peter Rosa" <prosa@pro.sk> To: <matthew@starbreaker.net> Cc: FreeBSD Questions <freebsd-questions@freebsd.org> Subject: Re: suid bit files and securing FreeBSD Message-ID: <00f901c3539b$faf803a0$3501a8c0@pro.sk> References: <00a201c35398$ed1de680$3501a8c0@pro.sk> <200307261322.31656.matthew@starbreaker.net>
next in thread | previous in thread | raw e-mail | index | archive | help
Hello Matthew,
thank you very much. It's excatly you say. FreeBSD is my option because of
"historical reasons". Someone has installed it for me two years ago, and now
I love it (he installed it after two hacks and two reinstallations of RedHat
Linux [I don't want to say, RHL is not good, but FBSD is better :-) {now I
see the storm, like with I'm christian...... mail to this list :-))) } ] ).
Wow, such a short sentence I just produced :-)
Peter Rosa
----- Original Message -----
From: "Matthew Graybosch" <matthew@starbreaker.net>
To: "Peter Rosa" <prosa@pro.sk>
Cc: <freebsd-questions@freebsd.org>
Sent: Saturday, July 26, 2003 7:22 PM
Subject: Re: suid bit files and securing FreeBSD
>
> > Second question is: Has anybody an exact wizard, how to secure
> > the FreeBSD machine. Imagine the situation, the only person who
> > can do anything on that machine is me, and nobody other. I have
> > set very restrictive firewalling, I have removed ALL tty's except
> > two local tty's (I need to work on that machine), but there are
> > still open port 25 and 53 (must be forever), so someone very
> > tricky can compromite my machine.
> >
> > I'm a little bit paranoic, don't I :-)))))))
>
> Uhm, yes, you *are* just a wee bit paranoid. But it helps to be
> paranoid if you're root on somebody else's machine. Great power and
> great responsibility, right?
>
> But if you're concerned with security uber alles, I'm surprised you
> didn't look into OpenBSD first. According to their site
> (openbsd.org), they've had "only one remote hole in the default
> install, in more than 7 years!"
>
> FreeBSD certainly can be secured, but it appears that the developers
> put performance and reliability first, and then security. Theo de
> Raadt puts security first.
>
> --
> Matthew Graybosch
> http://www.starbreaker.net
> "I am become root, shatterer of kernels."
>
> _______________________________________________
> freebsd-questions@freebsd.org mailing list
> http://lists.freebsd.org/mailman/listinfo/freebsd-questions
> To unsubscribe, send any mail to
"freebsd-questions-unsubscribe@freebsd.org"
>
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?00f901c3539b$faf803a0$3501a8c0>