From owner-freebsd-security  Tue Dec 19 11:16: 9 2000
From owner-freebsd-security@FreeBSD.ORG  Tue Dec 19 11:16:06 2000
Return-Path: <owner-freebsd-security@FreeBSD.ORG>
Delivered-To: freebsd-security@freebsd.org
Received: from mail.pacex.net (unknown [209.189.111.246])
	by hub.freebsd.org (Postfix) with SMTP id 10AD537B400
	for <freebsd-security@freebsd.org>; Tue, 19 Dec 2000 11:16:06 -0800 (PST)
Received: (qmail 4838 invoked from network); 19 Dec 2000 19:16:01 -0000
Received: from unknown (HELO ns1.pacex.net) (209.189.111.244)
  by ns1.pacex.net with SMTP; 19 Dec 2000 19:16:01 -0000
Message-ID: <000e01c069e8$d30dccc0$f46fbdd1@pacex.net>
From: "admin" <admin@pacex.net>
To: <freebsd-security@freebsd.org>
Subject: Securing FreeBSD against hacking
Date: Tue, 19 Dec 2000 10:23:45 -0800
MIME-Version: 1.0
Content-Type: multipart/alternative;
	boundary="----=_NextPart_000_000B_01C069A5.C49FC820"
X-Priority: 3
X-MSMail-Priority: Normal
X-Mailer: Microsoft Outlook Express 5.00.2314.1300
X-MimeOLE: Produced By Microsoft MimeOLE V5.00.2314.1300
Sender: owner-freebsd-security@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.org

This is a multi-part message in MIME format.

------=_NextPart_000_000B_01C069A5.C49FC820
Content-Type: text/plain;
	charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable

Hi Folks;

I am kinda glad I hung around this list for a while...
I am running a FreeBSD 4.2-STABLE (recently upgraded machines) for web =
(Apache-1.39)mail (Qmail-1.03 sendmail-8.11.1).=20
I have recently seen some activities on the web server that make me very =
nervous (I know I am being very general) but my concern is:

1.  How do I setup a dedicated machine to collect data and connection =
attempts to my machines
2. How to implement a notification systems to alert when critical files =
on the server have been tampered with.
3. How to find out if my machines are REALY CLEAN (some sort of software =
auditing to determine if what is already in the machines is a good =
benchmark for future security audits)


Thank you!


Dan=20

------=_NextPart_000_000B_01C069A5.C49FC820
Content-Type: text/html;
	charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">
<HTML><HEAD>
<META content=3D"text/html; charset=3Diso-8859-1" =
http-equiv=3DContent-Type>
<META content=3D"MSHTML 5.00.2314.1000" name=3DGENERATOR>
<STYLE></STYLE>
</HEAD>
<BODY bgColor=3D#ffffff>
<DIV><FONT face=3DArial size=3D2>Hi Folks;</FONT></DIV>
<DIV>&nbsp;</DIV>
<DIV><FONT face=3DArial size=3D2>I am kinda glad I hung around this list =
for a=20
while...</FONT></DIV>
<DIV><FONT face=3DArial size=3D2>I am running a FreeBSD 4.2-STABLE =
(recently=20
upgraded machines) for web (Apache-1.39)mail (Qmail-1.03 =
sendmail-8.11.1).=20
</FONT></DIV>
<DIV><FONT face=3DArial size=3D2>I have recently seen some activities on =
the web=20
server that make me very nervous (I know I am being very general) but my =
concern=20
is:</FONT></DIV>
<DIV><FONT face=3DArial size=3D2></FONT>&nbsp;</DIV>
<DIV><FONT face=3DArial size=3D2>1.&nbsp; How do I setup a dedicated =
machine to=20
collect data and connection attempts to my machines</FONT></DIV>
<DIV><FONT face=3DArial size=3D2>2. How to implement a notification =
systems to alert=20
when critical files on the server have been tampered with.</FONT></DIV>
<DIV><FONT face=3DArial size=3D2>3. How to find out if my machines are =
REALY CLEAN=20
(some sort of software auditing to determine if what is already in the =
machines=20
is a good benchmark for future security audits)</FONT></DIV>
<DIV><FONT face=3DArial size=3D2></FONT>&nbsp;</DIV>
<DIV>&nbsp;</DIV>
<DIV><FONT face=3DArial size=3D2>Thank you!</FONT></DIV>
<DIV>&nbsp;</DIV>
<DIV>&nbsp;</DIV>
<DIV><FONT face=3DArial size=3D2>Dan</FONT>&nbsp;</DIV></BODY></HTML>

------=_NextPart_000_000B_01C069A5.C49FC820--



To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message