Date: Sat, 24 Feb 2007 09:57:41 -0800 From: Bob Madore <bob@dexis.net> To: Derek Ragona <derek@computinginnovations.com> Cc: David Schulz <mailinglists@tca-cable-connector.com>, freebsd-security@freebsd.org Subject: Re: Advice for Internet facing Mailserver Message-ID: <45E07C95.8040606@dexis.net> In-Reply-To: <6.0.0.22.2.20070223125703.025529d8@mail.computinginnovations.com> References: <8F62D3F1-B5AF-442F-B492-67D28FDCE9F0@tca-cable-connector.com> <2FF03F09-23CA-44ED-87BA-673095FFE430@tca-cable-connector.com> <6.0.0.22.2.20070223125703.025529d8@mail.computinginnovations.com>
next in thread | previous in thread | raw e-mail | index | archive | help
Another program to consider is DenyHosts http://denyhosts.sourceforge.net/ It works exceptionally well. Bob Derek Ragona wrote: > You might want to use /etc/hosts.allow to restrict some protocols > further. > > -Derek > > > At 10:17 AM 2/23/2007, David Schulz wrote: >> Hello and good day, >> >> i have setup a Server which is directly connected to the Internet, >> without NAT-Router or other Firewall Appliance. I am using FreeBSD >> 6.2. I have pf enabled to only allow traffic on specified Ports. I am >> using Apache-13 + Postfix + Dovecot & mysql for my Mail-system. There >> is only one /home/User, which authenticates via a Key with Pass- >> phrase to sshd. The Mail-users all authenticate to a mysql database. >> I know that i could make use of chroot or better jail to secure the >> machine from possible exploits in postfix & co, but i am not yet >> comfortable with jail. Other then keeping my Ports (and system) up to >> date, can you give me some tips on how to secure my Box a little bit? >> >> Thanks a lot, >> David >> _______________________________________________ >> freebsd-security@freebsd.org mailing list >> http://lists.freebsd.org/mailman/listinfo/freebsd-security >> To unsubscribe, send any mail to >> "freebsd-security-unsubscribe@freebsd.org" >> >> -- >> This message has been scanned for viruses and >> dangerous content by MailScanner, and is >> believed to be clean. >> MailScanner thanks transtec Computers for their support. >> >
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?45E07C95.8040606>