From owner-freebsd-chat Mon Jul 27 16:11:57 1998
Return-Path:
Received: (from majordom@localhost) by hub.freebsd.org (8.8.8/8.8.8) id QAA03101 for freebsd-chat-outgoing; Mon, 27 Jul 1998 16:11:57 -0700 (PDT) (envelope-from owner-freebsd-chat@FreeBSD.ORG)
Received: from shell6.ba.best.com (jkb@shell6.ba.best.com [206.184.139.137]) by hub.freebsd.org (8.8.8/8.8.8) with ESMTP id QAA03084 for ; Mon, 27 Jul 1998 16:11:51 -0700 (PDT) (envelope-from jkb@best.com)
Received: from localhost (jkb@localhost) by shell6.ba.best.com (8.9.0/8.9.0/best.sh) with SMTP id QAA09220; Mon, 27 Jul 1998 16:11:13 -0700 (PDT)
X-Authentication-Warning: shell6.ba.best.com: jkb owned process doing -bs
Date: Mon, 27 Jul 1998 16:11:13 -0700 (PDT)
From: "Jan B. Koum"
X-Sender: jkb@shell6.ba.best.com
To: Brett Glass
cc: Greg Pavelcak, Dag-Erling Coidan Smørgrav, Dennis Reiter, chat@FreeBSD.ORG
Subject: FreeBSD Security How-To (Was: QPopper exploit)
In-Reply-To: <199807272300.RAA00688@lariat.lariat.org>
Message-ID:
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Sender: owner-freebsd-chat@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.org

Hello all,

Since the secret is out now on freebsd-security .. I have been working on FreeBSD Security How-To for the last few weeks. It is still in beta and I hope to get more comments from people on -security. It is currently at www.best.com/~jkb/howto.txt

No kernel hacking -- just basic steps users can take to secure their workstations, server, etc.

I'd like any comments, feedback or suggestions from -chat also. (yes, I'll soon have html also for those of you who can't stand ascii).

-- Yan

Jan Koum jkb@best.com | "Turn up the lights; I don't want
www.FreeBSD.org -- The Power to Serve | to go home in the dark."
"Write longer sentences - they are paying us a lot of money" On Mon, 27 Jul 1998, Brett Glass wrote: >At 06:14 PM 7/27/98 -0400, Greg Pavelcak wrote: > >>> If I were a cracker, the first thing I'd try would be to scan IP >>> ranges known to belong to large ISPs' dialup servers, precisely for >>> that reason (and also because there's a much higher chance of finding >>> machines run by inexperienced or careless people there than amongst >>> permanently connected hosts) >> >>Hmm, major universities for example? (He asks through his UMass >>PPP account.) > >Major universities often have LOTS of holes. Many haven't patched that >Annex server problem, and a few even have *wide open* PPP connections >that anyone can use if he or she knows some basic terminal server >commands. > >All dial-ins should be carefully firewalled against exploits. We use >SLiRP running on FreeBSD, which is highly effective as a protective layer. >(See, we're not such slouches on security, even if our mail server WAS hit >by the QPopper exploit.) > >--Brett > > >To Unsubscribe: send mail to majordomo@FreeBSD.org >with "unsubscribe freebsd-chat" in the body of the message > To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-chat" in the body of the message