Welcome to WebmasterWorld Guest from 54.159.214.250

Forum Moderators: bakedjake

FreeBSD 4.* vulnerabilities

I need a resource

   
3:20 pm on Jul 20, 2001 (gmt 0)



Anyone know any good locations for info on securing the latest versions of FreeBSD UNIX? Besides newsgroups
4:57 pm on Jul 20, 2001 (gmt 0)

10+ Year Member



There's always chapter 9 section 3 [freebsd.org] of the FreeBSD handbook [freebsd.org]. :)
5:27 pm on Jul 22, 2001 (gmt 0)

10+ Year Member



There are a handful of books on overall UNIX security from O'Reilly. They're good for novices, but aren't very good for reference material since they spend a lot of time describing stuff and little time on "you want this, you don't want that."

There are three basic items to simple unix security if you need to lock down a box like a webserver:

<a> comment out as much as you can in /etc/inetd.conf
<b> sendmail and BIND are monsters. If you need them, get books about them that talk security. Webservers generally don't need these two.
<c> subscribe to something that gives you security updates for your particular OS. Bugtraq is a good non-OS-specific one.

There are some other ideas that are generally good; like don't enable NFS (client or server) unless you really need it, avoid NIS/yp, and if you can turn off the startup of the portmapper (a.k.a. "rpcbind"), that'll save you some headache.

Hope this helps.

Rob++

Air

8:16 pm on Jul 22, 2001 (gmt 0)

WebmasterWorld Senior Member 10+ Year Member



....or the FreeBSD Security Information [freebsd.org] page.
2:24 pm on Jul 23, 2001 (gmt 0)



Thanks for the advice guys. I think I've found what I needed on that security page.
 

Featured Threads

My Threads

Hot Threads This Week

Hot Threads This Month