Date: Mon, 13 Sep 1999 09:07:38 +0200 From: Jeroen Ruigrok/Asmodai <asmodai@wxs.nl> To: "James E . Housley" <jim@thehousleys.net> Cc: freebsd-hackers@FreeBSD.ORG, Nate Williams <nate@mt.sri.com> Subject: Re: A Challenge Message-ID: <19990913090738.G89309@daemon.ninth-circle.org> In-Reply-To: <199909100504.XAA09058@mt.sri.com> References: <37D87080.4D44E9C4@thehousleys.net> <199909100504.XAA09058@mt.sri.com>
next in thread | previous in thread | raw e-mail | index | archive | help
* Nate Williams (nate@mt.sri.com) [990910 07:14]: >In any case, if you install a recent version of FreeBSD, I doubt Mr. NT >is capable of crashing FreeBSD from externally. Just make sure he >doesn't have an account on it, since it's much easier to cause Denial Of >Service attacks if you don't spend alot of time setting up limits and >such. Going even further than what Nate said, remove all accounts you don't need. Give only accounts to those who need to admin the box, other than that DO NOT give away accounts. Make sure the security log files sent by email are being sent to the correct persons. Remove /usr/src and compile kernels on a secondary host so you are sure that compiling stuff on the firewall is hard after a compromise. Use ssh and ditch telnet. read security(9) -- Jeroen Ruigrok van der Werven/Asmodai asmodai(at)wxs.nl The BSD Programmer's Documentation Project <http://home.wxs.nl/~asmodai>; Network/Security Specialist BSD: Technical excellence at its best If Winter comes, can Spring be far behind? To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-hackers" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?19990913090738.G89309>