From owner-freebsd-questions Tue Aug 27 20:03:08 1996 Return-Path: owner-questions Received: (from root@localhost) by freefall.freebsd.org (8.7.5/8.7.3) id UAA19411 for questions-outgoing; Tue, 27 Aug 1996 20:03:08 -0700 (PDT) Received: from gdi.uoregon.edu (cisco-ts10-line11.uoregon.edu [128.223.150.109]) by freefall.freebsd.org (8.7.5/8.7.3) with ESMTP id UAA19402 for ; Tue, 27 Aug 1996 20:03:05 -0700 (PDT) Received: from localhost (dwhite@localhost) by gdi.uoregon.edu (8.7.5/8.6.12) with SMTP id UAA00355; Tue, 27 Aug 1996 20:03:05 -0700 (PDT) Date: Tue, 27 Aug 1996 20:03:05 -0700 (PDT) From: Doug White Reply-To: dwhite@resnet.uoregon.edu To: SuperUser cc: questions@freebsd.org Subject: Re: HELP In-Reply-To: <32237167.1025@earthlink.net> Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-questions@freebsd.org X-Loop: FreeBSD.org Precedence: bulk On Tue, 27 Aug 1996, SuperUser wrote: > Hi, I have an INTERNET server running with FREEbsd and I need some info > on Security holes with it and the NET.. Please Send Me Some E-Mail on > it.. Thanks.. Well, we certainly hope there aren't any security holes that aren't already addressed. The primary problems can come from lesser-used daemons such as the r-utilities which can be spoofed. These are enabled by default and most people don't need them. I would suggest picking up a book on security. There is a new edition of an Internet security handbook that O'Reilly has, I think it's called "Practical Internet Security" or somesuch. Also check out the comp.unix.security (?) newsgroup & FAQ, and CERT (http://www.cert.org). If you haven't already, pick up the UNIX System Administration Handbook by Evi Nemeth et al.; that has a small section on security too. Hope this helps. Doug White | University of Oregon Internet: dwhite@resnet.uoregon.edu | Residence Networking Assistant http://gladstone.uoregon.edu/~dwhite | Computer Science Major