From owner-freebsd-questions@FreeBSD.ORG Thu May 13 10:39:08 2010 Return-Path: Delivered-To: questions@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id D60D31065677 for ; Thu, 13 May 2010 10:39:08 +0000 (UTC) (envelope-from pekka.niiranen@pp5.inet.fi) Received: from jenni1.inet.fi (mta-out.inet.fi [195.156.147.13]) by mx1.freebsd.org (Postfix) with ESMTP id 402298FC0C for ; Thu, 13 May 2010 10:39:07 +0000 (UTC) Received: from [192.168.12.3] (84.250.94.207) by jenni1.inet.fi (8.5.014) (authenticated as niirpe-11) id 4B17DDDA06280376; Thu, 13 May 2010 13:27:25 +0300 Message-ID: <4BEBD41F.1080703@pp5.inet.fi> Date: Thu, 13 May 2010 13:27:43 +0300 From: Pekka Niiranen User-Agent: Thunderbird 2.0.0.24 (Windows/20100228) MIME-Version: 1.0 Newsgroups: gmane.os.freebsd.questions To: Matthew Seaman References: <4BEB9534.2020403@infracaninophile.co.uk> In-Reply-To: <4BEB9534.2020403@infracaninophile.co.uk> Content-Type: text/plain; charset=UTF-8; format=flowed Content-Transfer-Encoding: 7bit X-PCToolsMIME: Updated by PC Tools Mime Parser 1.0.0.4 Cc: questions@freebsd.org, Artur Sentsov Subject: Re: From Arthur Sentsov - Questions from beginner X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 13 May 2010 10:39:09 -0000 Matthew Seaman wrote: > -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA1 > > On 13/05/2010 05:41:47, Artur Sentsov wrote: > >> 1. I have freebsd server running apache and mysql. In logs i see around 100 >> attempts to hack the server. Is that normal? what i have to do that after >> three wrong attempts to enter password server will block ip address?! > Use pf -filter to collect attempts to a list. That list will then be used to block attempts in future (aka bruteforce option). > Do you mean attacks against the web server? > > Automated web probes attempting to exploit various security flaws are, > I'm afraid, completely normal nowadays. The good news is that most of > the probe attempts are aimed at other operating systems, and could never > work on FreeBSD. Even so, you should take care to apply any available > security patches promptly. Unfortunately there aren't many good ways to > automatically block bruteforce attacks against web applications -- too > many different ways of implementing passwords in different web apps. > Use good passwords basically. > >> 2. I use SSH to sonnect to server and work on it! Is that secure? > > On the other hand, do you mean attempts to bruteforce attacks against > ssh? Again, this is unfortunately normal on the web nowadays. > > Yes, ssh is generally secure. It's certainly better than alternative > means of remote access. > > If you have good passwords on your accounts, the chances of any attacker > being able to guess what they are is actually very remote. So no need > to run about in a complete panic. Take your time to read up on the > possible solutions and implement what works best for you. > > One very simple means you can use to make it completely impossible for > any attacker to bruteforce an ssh password on you machine is to use key > based authentication instead: no passwords means no possibility of them > being guessed. This will not stop bruteforce /attempts/ -- they are > usually done entirely automatically -- and the traces will still clog up > your log files, but you can safely ignore them. > > This is a perennial topic on this list -- search the archives for many, > many reiterations of people giving realms of good advice about what to > do to defend yourself. > >> 3. How to setup SAMBA on server?! I want my users to be able to upload files >> and download files from their folder. Users use windows. > > Well, install the one of the samba ports -- net/samba34 is probably your > best bet -- and read the very good documentation that comes with it. > > Cheers, > > Matthew > > - -- > Dr Matthew J Seaman MA, D.Phil. 7 Priory Courtyard > Flat 3 > PGP: http://www.infracaninophile.co.uk/pgpkey Ramsgate > Kent, CT11 9PW > -----BEGIN PGP SIGNATURE----- > Version: GnuPG/MacGPG2 v2.0.14 (Darwin) > Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ > > iEYEARECAAYFAkvrlTQACgkQ8Mjk52CukIzQWwCePA1dH42HG4DH+yI9wkrUOXrq > M2IAn1B19pICPnD6F47CPYDXQptq4Aad > =dCkW > -----END PGP SIGNATURE----- > _______________________________________________ > freebsd-questions@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-questions > To unsubscribe, send any mail to "freebsd-questions-unsubscribe@freebsd.org" > ======= Email scanned by PC Tools - No viruses or spyware found. (Email Guard: 7.0.0.18, Virus/Spyware Database: 6.14980) http://www.pctools.com/ =======