Date: Fri, 1 Dec 2000 20:13:01 +0100 From: Manuel Enrique Garcia Cuesta <megarcia@intercom.es> To: Darryl Hoar <darryl@osborne-ind.com> Cc: freebsd-questions@FreeBSD.ORG Subject: Re: Security steps Message-ID: <20001201201301.B786@ilex.kicelo.org> In-Reply-To: <000b01c05ba8$d5d8c340$0701a8c0@ruraltel.net> References: <000b01c05ba8$d5d8c340$0701a8c0@ruraltel.net>
next in thread | previous in thread | raw e-mail | index | archive | help
Darryl, === Darryl Hoar escribia (Fri, Dec 01, 2000 at 09:10:25AM -0600): > Greetings, > I am running : > > FreeBSD proxy 4.0-RELEASE FreeBSD 4.0-RELEASE #0: > Mon Mar 20 22:50:22 GMT 2000 > root@monster.cdrom.com:/usr/src/sys/compile/GENERIC > i386 > > on my machine. I have this machine setup to run userland ppp with the auto > and nat flags so > that it provides internet access for my internal lan clients (win98, win95, > NT, HPUX). > > Since this is a dialup link (but it stays up for long periods at a time) do > I have a high security > risk ? With a dialup link, what security steps should be taken on a freshly > installed box ? I guess it depends on whom you ask about it. Being the paranoid type I am, if you ask me I would say you do have a high security risk :) Not that I am an expert, but I would disable the ability to initiate connections from outside. If you still need to access that machine from somewhere else besides your local network then set up ssh. That's it, basically. For the full story you can read http://www.freebsd.org/security/ and http://people.FreeBSD.org/~jkb/howto.html > > thanks, > Darryl HTH Manuel Garcia To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20001201201301.B786>