Date: Wed, 14 Feb 2001 12:24:33 -0600 From: Michael Lea <mlea@atomicbluebear.org> To: Kris Kennaway <kris@obsecurity.org> Cc: Rob Simmons <rsimmons@wlcg.com>, Ragnar Beer <rbeer@uni-goettingen.de>, freebsd-security@FreeBSD.ORG Subject: Re: security settings documentation Message-ID: <20010214122432.A76375@core.atomicbluebear.org> In-Reply-To: <20010214092909.B72301@mollari.cthul.hu>; from kris@obsecurity.org on Wed, Feb 14, 2001 at 09:29:09AM -0800 References: <p04330102b6b0697c0f5b@[134.76.136.114]> <Pine.BSF.4.21.0102141209460.15577-100000@mail.wlcg.com> <20010214092909.B72301@mollari.cthul.hu>
next in thread | previous in thread | raw e-mail | index | archive | help
[-- Attachment #1 --]
On Wed, 14 Feb 2001, Kris Kennaway wrote:
> Then write up some documentation for us and send it to doc@freebsd.org
Somewhat terse, but here's a little "feature" matrix:
Fascist High Moderate Low
inetd NO NO YES YES
sendmail NO YES YES YES
sshd NO YES YES YES
portmap NO NO * YES
nfs_server NO NO ** ***
securelevel YES (2) YES (1) NO NO
Any other configuration setting are, as near as I can tell, left unchanged.
For details on securelevel, see the init(8) man page.
NOTES:
* Portmap is enabled if the machine has been configured as either an NFS
client or an NFS server earlier in the installation process.
** If the machine has been configured as an NFS server, NFS will only run
on a reserved port.
*** No changes are made to the NFS configuration.
- Mike
[-- Attachment #2 --]
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.4 (FreeBSD)
Comment: For info see http://www.gnupg.org
iEYEARECAAYFAjqKzVwACgkQc9EFi4qQZEySTACgppRgyLkWRA+LJ7fIv8AYuM7T
W3UAoIQeTHPbvK2WXMzN2/tYYTPMIJpW
=TMdX
-----END PGP SIGNATURE-----
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20010214122432.A76375>