From owner-freebsd-questions Tue Aug 28 7:13:35 2001 Delivered-To: freebsd-questions@freebsd.org Received: from dv-db.com (dv-db.com [207.159.141.95]) by hub.freebsd.org (Postfix) with ESMTP id 7102537B405 for ; Tue, 28 Aug 2001 07:13:29 -0700 (PDT) (envelope-from mark@dvdnews.co.uk) Received: from mark2 (host217-35-35-6.in-addr.btopenworld.com [217.35.35.6]) by dv-db.com (8.9.3/8.9.3) with SMTP id PAA15391; Tue, 28 Aug 2001 15:13:20 +0100 (GMT/BST) Message-ID: <02e801c12fcb$89f55db0$0200a8c0@mark2> From: "Mark Hughes" To: , References: <62d801c12fc9$e3edd0b0$0a05030a@internal.ramnet.gr> Subject: Re: Security ! Date: Tue, 28 Aug 2001 15:12:25 +0100 MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-7" Content-Transfer-Encoding: 7bit X-Priority: 3 X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook Express 5.50.4807.1700 X-MimeOLE: Produced By Microsoft MimeOLE V5.50.4807.1700 Sender: owner-freebsd-questions@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG > I'm busy securing our LAN and I need to setup a freebsd 4.3 box that will run as firewall and protect my vulnerable network from the internet chaos. I also think of running NAT there too. > > There appear to be quite a lot of hackers and intruders in the wild and I need to keep them out of my lan. > > I'd appreciate any suggestions or links/references to stuff that can help me on this. Although I can't remember any off the top of my head, if you do a search on google for the topic then you'll find a host of resources. Check out www.mostgraveconcern.com/freebsd - I think (althoguh I'm not sure) that they have a tutorial on the issue. > Also, are there any scripts that can be run periodically on a computer and check if there are changes made to files ? Check out tripwire from the ports (/usr/ports/security/tripwire) - in the words of one of my friends a couple of days back "it monitors key system files and goes beserk if anything changes". Not tried it myself, but sounds like what you are looking for. He used a good tutorial for setting up his box actually, to do similar things to you...I'll just see if I can find the address.... http://www.schlacter.dyndns.org/public There you go. Although it seems to be offline at this precise minute, I'd give it another try later. Hope this all helps in some small way. Regards, Mark -- Mark Hughes - DVD & Film Content Manager, Technical Officer Digital Spy Ltd http://www.digitalspy.co.uk/ Your number one source for digital media and entertainment news! To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message