Date: Tue, 29 Sep 2009 16:12:52 +0100 From: krad <kraduk@googlemail.com> To: doug schmidt <douglas.j.schmidt@gmail.com> Cc: Aflatoon Aflatooni <aaflatooni@yahoo.com>, freebsd-questions@freebsd.org Subject: Re: hardening guideline for Freebsd 7.2 Message-ID: <d36406630909290812t9530891q45c07a07bd96b7e@mail.gmail.com> In-Reply-To: <320306640909290730l2b3841c1q8763f5e802a06595@mail.gmail.com> References: <837.63581.qm@web56202.mail.re3.yahoo.com> <320306640909290730l2b3841c1q8763f5e802a06595@mail.gmail.com>
next in thread | previous in thread | raw e-mail | index | archive | help
2009/9/29 doug schmidt <douglas.j.schmidt@gmail.com> > center for internet security benchmarks; > > http://www.cisecurity.org/bench_freebsd.html > > > On Sat, Sep 26, 2009 at 8:27 AM, Aflatoon Aflatooni <aaflatooni@yahoo.com > >wrote: > > > Hi, > > Is there a hardening guideline for Freebsd 7.2? > > > > Thanks > > > > > > > > _______________________________________________ > > freebsd-questions@freebsd.org mailing list > > http://lists.freebsd.org/mailman/listinfo/freebsd-questions > > To unsubscribe, send any mail to " > > freebsd-questions-unsubscribe@freebsd.org" > > > _______________________________________________ > freebsd-questions@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-questions > To unsubscribe, send any mail to " > freebsd-questions-unsubscribe@freebsd.org" > looks a bit old that guide does. Freebsd is actually fairly secure out of the box. What you need to establish is what kind of usage you are going to have. eg If you are going to be giving lots of people shell access, then what you will need to do will be quite different than if you were setting up an apache web server. Generally I would say just make sure there are no exploits for the services you are going to enable/install and put them into a jail. Write a decent pf ruleset for your needs. Above all though restrict access to the box to the bare minimum of what you can get away with
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?d36406630909290812t9530891q45c07a07bd96b7e>