Skip site navigation (1)Skip section navigation (2) 
Date:      Fri, 23 Feb 2007 12:57:38 -0600
From:      Derek Ragona <derek@computinginnovations.com>
To:        David Schulz <mailinglists@tca-cable-connector.com>, freebsd-security@freebsd.org
Subject:   Re: Advice for Internet facing Mailserver
Message-ID:  <6.0.0.22.2.20070223125703.025529d8@mail.computinginnovations.com>
In-Reply-To: <2FF03F09-23CA-44ED-87BA-673095FFE430@tca-cable-connector.c om>
References:  <8F62D3F1-B5AF-442F-B492-67D28FDCE9F0@tca-cable-connector.com> <2FF03F09-23CA-44ED-87BA-673095FFE430@tca-cable-connector.com>
index | next in thread | previous in thread | raw e-mail 

You might want to use /etc/hosts.allow to restrict some protocols further.

         -Derek


At 10:17 AM 2/23/2007, David Schulz wrote:
>Hello and good day,
>
>i have setup a Server which is directly connected to the Internet,
>without NAT-Router or other Firewall Appliance. I am using FreeBSD
>6.2. I have pf enabled to only allow traffic on specified Ports. I am
>using Apache-13 + Postfix + Dovecot & mysql for my Mail-system. There
>is only one /home/User, which authenticates via a Key with Pass- phrase to 
>sshd. The Mail-users all authenticate to a mysql database.
>I know that i could make use of chroot or better jail to secure the
>machine from possible exploits in postfix & co, but i am not yet
>comfortable with jail. Other then keeping my Ports (and system) up to
>date, can you give me some tips on how to secure my Box a little bit?
>
>Thanks a lot,
>David
>_______________________________________________
>freebsd-security@freebsd.org mailing list
>http://lists.freebsd.org/mailman/listinfo/freebsd-security
>To unsubscribe, send any mail to "freebsd-security-unsubscribe@freebsd.org"
>
>--
>This message has been scanned for viruses and
>dangerous content by MailScanner, and is
>believed to be clean.
>MailScanner thanks transtec Computers for their support.
>

-- 
This message has been scanned for viruses and
dangerous content by MailScanner, and is
believed to be clean.
MailScanner thanks transtec Computers for their support.
home | help

Want to link to this message? Use this
URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?6.0.0.22.2.20070223125703.025529d8>