From owner-freebsd-questions  Tue Aug 28 13:15:36 2001
Delivered-To: freebsd-questions@freebsd.org
Received: from lucy.tbscom.com (mail2.tbscom.com [205.215.40.5])
	by hub.freebsd.org (Postfix) with ESMTP id 4362F37B408
	for <freebsd-questions@FreeBSD.ORG>; Tue, 28 Aug 2001 13:15:28 -0700 (PDT)
	(envelope-from jake@coolbluei.com)
Received: from localhost (adsl-20-72-145.asm.bellsouth.net [66.20.72.145])
	by coolblueinteractive.org (8.10.2/8.10.2) with ESMTP id f7SKFOV21254
	for <freebsd-questions@FreeBSD.ORG>; Tue, 28 Aug 2001 16:15:24 -0400
Message-Id: <200108282015.f7SKFOV21254@lucy.tbscom.com>
Date: Tue, 28 Aug 2001 16:15:18 -0400
Content-Type: text/plain;
	format=flowed;
	charset=us-ascii
Mime-Version: 1.0 (Apple Message framework v388)
From: jake@coolbluei.com
To: Freebsd-Questions <freebsd-questions@FreeBSD.ORG>
X-Mailer: Apple Mail (2.388)
Content-Transfer-Encoding: 7bit
Subject: helping in securing box
Sender: owner-freebsd-questions@FreeBSD.ORG
Precedence: bulk
List-ID: <freebsd-questions.FreeBSD.ORG>
List-Archive: <http://docs.freebsd.org/mail/> (Web Archive)
List-Help: <mailto:majordomo@FreeBSD.ORG?subject=help> (List Instructions)
List-Subscribe: <mailto:majordomo@FreeBSD.ORG?subject=subscribe%20freebsd-questions>
List-Unsubscribe: <mailto:majordomo@FreeBSD.ORG?subject=unsubscribe%20freebsd-questions>
X-Loop: FreeBSD.ORG

I have a some questions in helping to secure two freebsd servers I 
have.  I am very new still to server administration and would be quite 
open to any tutorials that you can suggest.  But anyway here is what I 
think I want to do.

I have one server that is pretty much runs just apache/php/sendmail and 
another that runs mysql.  On the database server I would like to refuse 
all requests for anything that does not come from its subnet.  I thought 
there was a way to do this using /etc/hosts.deny but there doesn't seem 
to be that file on freeBSD. Even if there was I don't really know how to 
deny everything but a small set of ip's.
I would also only like to allow the database server to send admin emails 
out and not allow anything to else to be sent or received, is there a 
way to do this?  The web server i feel can be a lot more open but does 
anyone have some suggestions to help keep this from possible intrusions.

Thanks for your time and your responses;

Jake Smith

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-questions" in the body of the message