Date: Mon, 11 Mar 1996 08:47:28 +0100 (MET) From: Ollivier Robert <roberto@keltia.freenix.fr> To: sreid@edmbbs.iceonline.com Cc: security@FreeBSD.ORG Subject: Re: How secure is FreeBSD 2.1 right after install? Message-ID: <199603110747.IAA01731@keltia.freenix.fr> In-Reply-To: <9603101704.D6300AZ@edmbbs.iceonline.com> from "sreid@edmbbs.iceonline.com" at "Mar 10, 96 05:04:26 pm"
next in thread | previous in thread | raw e-mail | index | archive | help
It seems that sreid@edmbbs.iceonline.com said: > I've already disabled the r*, finger and telnet services in inetd.conf. > I don't expect I'll need them. Is there anything else I need to worry > about? Put some filters on your Cisco; refuse any internal address coming from the external interface (IP spoofing), add access lists for what you don't want to come from the Internet. > I'm concerned that X might be a potential security hole, since it uses > TCP port 6000 to accept connections from clients... Can I close off > remote access to the X server without having to install a firewall? I Block all connection attempts coming to port 6000-6099 coming from the Internet. Use Xauthority-style authentication on the X server. > won't need to access the X server from the LAN. Can X be set to ignore > the TCP port? You'll have to hack the source, that's not really necessary if you block at the router level. -- Ollivier ROBERT -=- The daemon is FREE! -=- roberto@keltia.frmug.fr.net FreeBSD keltia.freenix.fr 2.2-CURRENT #1: Tue Feb 20 01:16:51 MET 1996
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199603110747.IAA01731>