homepage Welcome to WebmasterWorld Guest from 54.237.54.83
register, free tools, login, search, pro membership, help, library, announcements, recent posts, open posts,
Become a Pro Member
Home / Forums Index / Hardware and OS Related Technologies / Linux, Unix, and *nix like Operating Systems
Forum Library, Charter, Moderators: bakedjake

Linux, Unix, and *nix like Operating Systems Forum

    
FreeBSD 4.* vulnerabilities
I need a resource
satanclaus




msg:912618
 3:20 pm on Jul 20, 2001 (gmt 0)

Anyone know any good locations for info on securing the latest versions of FreeBSD UNIX? Besides newsgroups

 

evinrude




msg:912619
 4:57 pm on Jul 20, 2001 (gmt 0)

There's always chapter 9 section 3 [freebsd.org] of the FreeBSD handbook [freebsd.org]. :)

windsor




msg:912620
 5:27 pm on Jul 22, 2001 (gmt 0)

There are a handful of books on overall UNIX security from O'Reilly. They're good for novices, but aren't very good for reference material since they spend a lot of time describing stuff and little time on "you want this, you don't want that."

There are three basic items to simple unix security if you need to lock down a box like a webserver:

<a> comment out as much as you can in /etc/inetd.conf
<b> sendmail and BIND are monsters. If you need them, get books about them that talk security. Webservers generally don't need these two.
<c> subscribe to something that gives you security updates for your particular OS. Bugtraq is a good non-OS-specific one.

There are some other ideas that are generally good; like don't enable NFS (client or server) unless you really need it, avoid NIS/yp, and if you can turn off the startup of the portmapper (a.k.a. "rpcbind"), that'll save you some headache.

Hope this helps.

Rob++

Air




msg:912621
 8:16 pm on Jul 22, 2001 (gmt 0)

....or the FreeBSD Security Information [freebsd.org] page.

satanclaus




msg:912622
 2:24 pm on Jul 23, 2001 (gmt 0)

Thanks for the advice guys. I think I've found what I needed on that security page.

Global Options:
 top home search open messages active posts  
 

Home / Forums Index / Hardware and OS Related Technologies / Linux, Unix, and *nix like Operating Systems
rss feed

All trademarks and copyrights held by respective owners. Member comments are owned by the poster.
Home ¦ Free Tools ¦ Terms of Service ¦ Privacy Policy ¦ Report Problem ¦ About ¦ Library ¦ Newsletter
WebmasterWorld is a Developer Shed Community owned by Jim Boykin.
© Webmaster World 1996-2014 all rights reserved