Date: Fri, 27 Apr 2001 09:51:46 -0400 From: "Michael Scheidell" <scheidell@fdma.com> To: <freebsd-security@freebsd.org> Subject: Re: Connection attempts (& active ids) Message-ID: <001f01c0cf21$3b25fe70$0503a8c0@fdma.com> References: <200104260303.f3Q33CK49974@caerulus.cerintha.com> <Pine.BSF.4.31.0104260238340.8377-100000@achilles.silby.com>
next in thread | previous in thread | raw e-mail | index | archive | help
From: "Mike Silbersack" <silby@silby.com> > Well, by listening on more ports, you're just making yourself a more > appealing target. As such, I don't think you're really increasing your > security. It's attacks on the services that you're running which matter. > who said I was listening on any ports? icmp echo is blocked (ipfw deny) I just parse the ipfw log for 'Reject|Deny' Just added rules for hosts.allow also, in case you allow telnet form some hosts and not others. easy to implement. register at mynetwatchman.com (get a username/password) install the tarbal for freebsd (perl script, puts sh in /usr/local/etc/rc.d) fire up up and go away. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?001f01c0cf21$3b25fe70$0503a8c0>