Date:      Wed, 5 Dec 2001 17:46:54 +0000 (GMT)
From:      Matt Sykes <mattmsykes@yahoo.co.uk>
To:        freebsd-stable@freebsd.org
Subject:   naive security question
Message-ID:  <20011205174654.93719.qmail@web21009.mail.yahoo.com>

I have a recently cvsupped SMP 4.4-stable running great.

ipfilter is:

- blocking (all?) spoofs and smurfs
- blocking all packets on all ports except:
   - packets part of inside-initiated tcp/udp/icmp connections
   - tcp SYN packets on port 22 (ssh)

The setup is taken directly from the ipf-howto.

So all unwanted packets are dropped except for SYN/22 packets.  This
leaves me open to SYN flooding and username/password guessing.  After
some google research, it appears FreeBSD is pretty good at combating
the flooding problem.  As for username/password guessing, there's not
much I can do about that other than picking a 'good' password and
checking the logs.  Oh and there could be an exploit in OpenSSH.

My naive view is that this setup looks -pretty good-.

My question is: how confident should I be?  Is it really worthwhile
for me to spend time setting up tripwire, kernel levels, etc?  How
many people are really that paranoid (paranoia being a good
thing)?  I am a software developer (this box is at work), so the more
time I spend developing software the better.

Thanks.

