From owner-freebsd-questions Sun Oct 20 18:20:53 2002 Delivered-To: freebsd-questions@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id E5C8437B401 for ; Sun, 20 Oct 2002 18:20:51 -0700 (PDT) Received: from blueyonder.co.uk (pcow035o.blueyonder.co.uk [195.188.53.121]) by mx1.FreeBSD.org (Postfix) with ESMTP id 7241B43E75 for ; Sun, 20 Oct 2002 18:20:45 -0700 (PDT) (envelope-from andrew@cream.org) Received: from pcow035o.blueyonder.co.uk ([127.0.0.1]) by blueyonder.co.uk with Microsoft SMTPSVC(5.5.1877.757.75); Mon, 21 Oct 2002 02:20:09 +0100 Received: from cream.org (unverified [62.31.108.42]) by pcow035o.blueyonder.co.uk (Content Technologies SMTPRS 4.2.9) with ESMTP id ; Mon, 21 Oct 2002 02:20:09 +0100 Message-ID: <3DB35744.5080705@cream.org> Date: Mon, 21 Oct 2002 02:24:20 +0100 From: Andrew Boothman User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.0; en-US; rv:1.1) Gecko/20020826 X-Accept-Language: en-us, en MIME-Version: 1.0 To: Robin Schilham Cc: Kent Stewart , Bryan Cassidy , freebsd-questions Subject: Re: Security! Please help newbie References: <20021020125909.1acd7e7c.bryanc2000@insightbb.com> <3DB30EE6.8020909@owt.com> <3DB310F8.2030605@xs4all.nl> Content-Type: text/plain; charset=us-ascii; format=flowed Content-Transfer-Encoding: 7bit Sender: owner-freebsd-questions@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG Robin Schilham wrote: >> The type is supposed to be open, close, simple, and etc. It depends on >> which type you are using in rc.firewall. Look for [Ss][Ii] and etc. > > According to the comments in /etc/rc.firewall firewall_type can also be > a file name. > Anyway, it might be better to start with one of the example rule sets in > /etc/rc.firewall > and adapt them to your needs. Good idea. Also don't forget to check the handbook and FAQ for relevent information and have a good Google around because I remember people putting information onto websites about locking down FreeBSD boxes. Also remember it is important to read understand and act on all FreeBSD security advisories, so make sure you are on the security-adivsories mailing list. It's probably best to install the most recent -release and then track the relevent security update branch to keep yourself secure. Read the handbook for more info. You also might want to read http://www.cert.org as I find that a good site for more general security information. Good luck, Andrew. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message