Date: Thu, 12 Oct 2017 16:38:05 -0400 From: Mike Tancsa <mike@sentex.net> To: "Ronald F. Guilmette" <rfg@tristatelogic.com>, freebsd-questions@freebsd.org Subject: Re: Install-time "hardening" options Message-ID: <21945e9b-6573-5f8d-9b6d-26bbb8bfd748@sentex.net> In-Reply-To: <4436.1507830609@segfault.tristatelogic.com> References: <4436.1507830609@segfault.tristatelogic.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On 10/12/2017 1:50 PM, Ronald F. Guilmette wrote: > > (*) Hide processes running as other users > > Well, I mean, yea. Obviously. If you ain't root, then processes > belonging to other users are none of your damn business. So, um, > why is this even optional? One thing to be aware of is if you do any sort of process monitoring via nagios/nrpe, things wont work by default. But yes, a good idea. Just a little extra work for nrpe clients. > (*) Disable opening Syslogd network socket (disables remote logging) Is not the default -s and this options makes it -ss. "disable remote logging" as in the host you are configuring cannot send out messages to other syslogd servers. ---Mike -- ------------------- Mike Tancsa, tel +1 519 651 3400 Sentex Communications, mike@sentex.net Providing Internet services since 1994 www.sentex.net Cambridge, Ontario Canada http://www.tancsa.com/
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?21945e9b-6573-5f8d-9b6d-26bbb8bfd748>