Date: Fri, 05 Dec 2014 19:28:54 -0500 From: Eric Popelka <arickp@cox.net> To: freebsd-questions@freebsd.org Subject: Staying safe and sound Message-ID: <54824DC6.5090605@cox.net>
next in thread | raw e-mail | index | archive | help
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Hi, I'm administering FreeBSD on a public-facing virtual server as a side project/resume builder/etc. My question is: what should I be doing to keep the blackhat hax0rz away? I do some of the obvious (firewalling most inbound traffic with ipfilter, reading the log files daily). I'm still on FreeBSD 10.0, so I'm assuming that I should upgrade the kernel to 10.1. If I do go up to 10.1, is this simple enough on a running system? I don't want to lose whatever drivers/modules/etc. that came with the fresh DVD install of 10.0 (the virtual is running FreeBSD using Xen, if that makes a difference). I assume I should also be doing pkg update; pkg upgrade on a regular basis, too. Anything else I should be doing -- is there another mailing list or RSS feed that notifies you about major vulnerabilities? (Yes, I realize OpenBSD is the choice for those serious about security, but like I said, this is mostly a playground server for personal use. That said, I don't want to become an open relay, have my site defaced, etc.) Thanks, Eric Popelka / arickp@cox.net -----BEGIN PGP SIGNATURE----- Version: GnuPG v2 Comment: GPGTools - https://gpgtools.org iQIcBAEBCgAGBQJUgk3GAAoJEBQPax3MeNrTTeUP/RjuTrzx8NFTEvAdPmM6dB+s kSADEEX3R1bYGpk9BxoH0lIY0N0BE60A1DvtzFvzwN8IdTWODjqcS8wgbxNahCc8 DA5QTpfqfvKwp84h5/kmOj6hL5dCRiMDTVG+yYZSf33FiRwpSzaZ7ca9UwyZ3UMX RflVyKF0eBiMtxmvGq+Ydjg53m3rCh7J4g2Ci0Zx1stT8OVxZXYrPFtC2ZVB7FZ+ wsehMkP+IPXvM3JPn0t7EEJF8vvcLrq4xdIS/kBtbyk+WtMRXXmN2ThLZq8MmuLf lsBHDsK5zxPtnq48LdVz49cBgX5PF5NPF6+UFx9vinHmOTKFqIJBOwe+9Tl3v/Tc gC/Zbw0ko6Pt94sV8yU6TJvV2nX8iRMac2nTobC2SiHDbdtmg+tyh7It/e5jSld4 YWAaNMJsSHOSieBUvN/JvVKWPwRuFDp/eCCsrgmSdKfsi4tx3EzIHfwJBZExBumn q4V2WIZ9rV/w1H0S+Ak7UnWLciu/fvxpnC2fEMpNUgcf5TBDzt+QLhBwWLFGuWDx IaS8LzQC3MPXZTW0qi0S2aAw4U7gGK10nuEeCHlxqxal2+s/BC48CFoIBTtZUUQm nuhgz15gXYntEOOCB+xmFeHTE4Ulht49NYSqYCUomzhLn5tMdoNdf3qWRmfU9xOA 3UlfqU47oVlI+Ren29xM =bg/Z -----END PGP SIGNATURE-----
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?54824DC6.5090605>