Date: Sun, 25 Feb 2007 12:14:24 +0100 (CET) From: "Johan Berg" <jberg@jberg.pp.se> To: "David Schulz" <mailinglists@tca-cable-connector.com> Cc: freebsd-security@freebsd.org Subject: Re: Advice for Internet facing Mailserver Message-ID: <1336.213.66.132.131.1172402064.squirrel@webmail.uni-q.se> In-Reply-To: <2FF03F09-23CA-44ED-87BA-673095FFE430@tca-cable-connector.com> References: <8F62D3F1-B5AF-442F-B492-67D28FDCE9F0@tca-cable-connector.com> <2FF03F09-23CA-44ED-87BA-673095FFE430@tca-cable-connector.com>
next in thread | previous in thread | raw e-mail | index | archive | help
The FreeBSD Handbook also have some good tips: http://www.freebsd.org/doc/en_US.ISO8859-1/books/handbook/security.html Regards, -- Johan Berg On Fri, February 23, 2007 17:17, David Schulz wrote: > Hello and good day, > > i have setup a Server which is directly connected to the Internet, > without NAT-Router or other Firewall Appliance. I am using FreeBSD > 6.2. I have pf enabled to only allow traffic on specified Ports. I am > using Apache-13 + Postfix + Dovecot & mysql for my Mail-system. There > is only one /home/User, which authenticates via a Key with Pass- > phrase to sshd. The Mail-users all authenticate to a mysql database. > I know that i could make use of chroot or better jail to secure the > machine from possible exploits in postfix & co, but i am not yet > comfortable with jail. Other then keeping my Ports (and system) up to > date, can you give me some tips on how to secure my Box a little bit? > > Thanks a lot, > David > _______________________________________________ > freebsd-security@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-security > To unsubscribe, send any mail to > "freebsd-security-unsubscribe@freebsd.org" > -- Johan Berg
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?1336.213.66.132.131.1172402064.squirrel>