From owner-freebsd-security Thu Mar 14 2:22:40 2002 Delivered-To: freebsd-security@freebsd.org Received: from spitfire.velocet.net (spitfire.velocet.net [216.138.223.227]) by hub.freebsd.org (Postfix) with ESMTP id 9D2D437B419 for ; Thu, 14 Mar 2002 02:22:37 -0800 (PST) Received: from nomad.tor.lets.net (H74.C220.tor.velocet.net [216.138.220.74]) by spitfire.velocet.net (Postfix) with SMTP id 48F2FFB4503 for ; Thu, 14 Mar 2002 05:22:36 -0500 (EST) Received: (qmail 56366 invoked by uid 1001); 14 Mar 2002 10:17:31 -0000 Date: Thu, 14 Mar 2002 05:17:31 -0500 From: Steve Shorter To: Chest Rockwell Cc: freebsd-security@freebsd.org Subject: Re: New BSD user with a couple Qs Message-ID: <20020314051731.A56353@nomad.lets.net> References: Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.2.5i In-Reply-To: ; from cdgaming@msn.com on Thu, Mar 14, 2002 at 03:36:29AM -0600 Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org On Thu, Mar 14, 2002 at 03:36:29AM -0600, Chest Rockwell wrote: > > I've read a couple docs on how to secure my machine. I just installed 4.4 > stable. I turned off pretty much everything except for ftp(users only, no > anon) and ssh. I am a little familiar with redhat and remember editing my > hosts.deny file so that it locked out everyone except for my home and work FreeBSD uses hosts.allow only. > machines. I think that I need to edit the /etc/rc.firewall file. Is this a > good idea to deny everyone except for a few users and how would I do that? > > I'm running 4.4 stable. Is that good enough or should I get the 4.5 > release? Depends. 4.4 is good, but 4.5 has some networking and NFS fixes/improvements. > > Do I need to upgrade/update any files or do anything else to secure the > machine? If so, could you send me a good link or give me some help please? man security http://www.freebsd.org/security -steve To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message