Skip site navigation (1)Skip section navigation (2)
Date:      Tue, 10 Nov 1998  5:52 -0600
From:      "brianmcg" <bmcgroarty@high-voltage.com>
To:        "questions@freebsd.org" <questions@FreeBSD.ORG>
Subject:   FreeBSD 2.2.7-RELEASE - validating security
Message-ID:  <19981110055405612-47f124e@high-voltage.com>

next in thread | raw e-mail | index | archive | help
My employer plans on moving from Novell and cc:Mail to NT4 and Exchange.

I'm concerned with Exchange's stability, so I'm pushing IT on the idea of a
FreeBSD box for internal mail and news (our "bulletin boards").

Last night I installed and configured qpopper and innd successfully, and even on
a little 486/66 they seem to perform quite nicely, standing up against a pair of
mean Pentiums trying to throttle the little box with heavy mail and news posting
loops. We're a company of about 60, and I think a Pentium 100 in a back closet
somewhere should be ample to support all that we do.

The last aspect I'd like to test is security. I've got my test box up and
running as newtoy.com on the net presently, and next week I hope to make a
public posting offering $100 out of pocket to the first person who can get in
and retrieve either mail or news from my machine and tell me how they did it. If
the configuration stands up in that kind of a hostile environment, I would feel
confident that it would be secure against curious co-workers on our isolated
network.

Before I do this, I'd like to know if there are any known security issues with
the Walnut Creek distribution of 2.2.7-RELEASE or the included ports of qpopper
and innd. Any pointers would be -very- much appreciated. And if NewToy survives
the test with all its little secrets intact, I'll gladly make that $100 a
contribution to the FreeBSD efforts instead. ;)

Cheers!
Brian

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-questions" in the body of the message



Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?19981110055405612-47f124e>