From owner-freebsd-security Mon May 31 18:54: 2 1999 Delivered-To: freebsd-security@freebsd.org Received: from tasam.com (tasam.com [206.161.83.22]) by hub.freebsd.org (Postfix) with ESMTP id 532D314D27 for ; Mon, 31 May 1999 18:53:45 -0700 (PDT) (envelope-from clash@tasam.com) Received: from bug (bug.tasam.com [206.161.113.114]) by tasam.com (8.9.3/8.9.1) with SMTP id VAA05185; Mon, 31 May 1999 21:53:28 -0400 (EDT) Message-ID: <002701beabd1$90441c90$7271a1ce@tasam.com> From: "Joe Gleason" To: "Unknow User" , References: <3752E531.54B2845C@tdnet.com.br> Subject: Re: Shell Account system Date: Mon, 31 May 1999 21:53:28 -0400 MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: 7bit X-Priority: 3 X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook Express 5.00.2314.1300 X-MimeOLE: Produced By Microsoft MimeOLE V5.00.2314.1300 Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org Use find to locate all suid programs on the system. Remove suid from any you don't think you need. Read man pages if unsure. If still unsure, remove suid anyways. Edit /etc/inetd.conf Disable everything you don't know you need. (As above with suids) Go through rc.conf. Disable things you don't need. If you have a program or service you are installing, try to see if you can get it to run as non-root. I usally like this aproach of removing things that you don't need to minimize security risk. Joe Gleason Tasam ----- Original Message ----- From: Unknow User To: Sent: Monday, May 31, 1999 15:38 Subject: Shell Account system > I have plans to set up a FreeBSD box to act as a shell account! > I know that security on shell account servers NEED to be very fine, > right? > Does anybody can point me some url where i can read security tips on > FreeBSD/UNIX ? > Another questions: where can i read a good tutorial avbout opie ? > > > -- > "The box said 'Requires Windows 98, NT, Linux or better' so I > installed FreeBSD." > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-security" in the body of the message > To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message