From owner-freebsd-hackers Mon May 11 05:47:37 1998 Return-Path: Received: (from majordom@localhost) by hub.freebsd.org (8.8.8/8.8.8) id FAA03458 for freebsd-hackers-outgoing; Mon, 11 May 1998 05:47:37 -0700 (PDT) (envelope-from owner-freebsd-hackers@FreeBSD.ORG) Received: from att.com (kcgw1.att.com [192.128.133.151]) by hub.freebsd.org (8.8.8/8.8.8) with SMTP id FAA03437 for ; Mon, 11 May 1998 05:47:32 -0700 (PDT) (envelope-from sbabkin@dcn.att.com) From: sbabkin@dcn.att.com Received: by kcgw1.att.com; Mon May 11 07:47 CDT 1998 Received: from dcn71.dcn.att.com ([135.44.192.112]) by kcig1.att.att.com (AT&T/GW-1.0) with ESMTP id HAA20991 for ; Mon, 11 May 1998 07:47:28 -0500 (CDT) Received: by dcn71.dcn.att.com with Internet Mail Service (5.0.1458.49) id ; Mon, 11 May 1998 08:47:21 -0400 Message-ID: To: fiber@phy.iitkgp.ernet.in Cc: hackers@FreeBSD.ORG Subject: RE: how safe is FreeBSD 2.2.5 Date: Mon, 11 May 1998 08:47:20 -0400 X-Priority: 3 MIME-Version: 1.0 X-Mailer: Internet Mail Service (5.0.1458.49) Content-Type: text/plain Sender: owner-freebsd-hackers@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG > ---------- > From: Sanjit Roy[SMTP:fiber@phy.iitkgp.ernet.in] > > I need some advise regarding the security level in FreeBSD. Lately, a > lot of students in my university campus have been into hacking > activity. > I have a Linux (kernel 1.2.8) system on one of my mail gateways and > it's > a piece of cake becoming 'root' on that machine. I immediately need to > upgrade that to either REDHAT Linux 5.0 or FreeBSD 2.2.5. I have both > the flavours of unix available with me. > > What I want to know is : > > 1. which of the two is more secure? > I believe, FreeBSD > 2. Is shadow util really effective in Linux. Don't know if there's one > in FreeBSD? > Yes, it is effective if you enable it. FreeBSD has master.passwd which is functionally the same (and there are reasons why it's better for supporting many user account). > 3. what do i have to do/install to make my system secure i.e, what are > the available patches and where do i get them? > For Linux you will need at least to walk through inetd.conf and disable lots of never-used services that make system more vulnerable and are by some reason enabled by default in Linux. -Serge To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-hackers" in the body of the message