Re: suid bit files + securing FreeBSD

From: Peter Rosa (prosa_at_pro.sk)
Date: 07/27/03

  • Next message: Socketd: "Re: suid bit files + securing FreeBSD (new program: LockDown)"
    To: "twig les" <twigles@yahoo.com>
    Date: Sun, 27 Jul 2003 15:37:24 +0200
    
    

    Absolutely perfect. Fantastic. Exactly the type of information, I looked a
    long time ago.

    Meny tkanks and have a nice day.

    Peter Rosa

    ----- Original Message -----
    From: "twig les" <twigles@yahoo.com>
    To: "Peter Rosa" <prosa@pro.sk>; "FreeBSD Security"
    <freebsd-security@freebsd.org>
    Sent: Sunday, July 27, 2003 6:17 AM
    Subject: Re: suid bit files + securing FreeBSD

    > I don't know exactly what you mean by "wizard", maybe a
    > menu-driven gui like Nero or M$ Lookout or something? Anyhoo I
    > really like this checklist here:
    > http://sddi.net/FBSDSecCheckList.html. I guess one could script
    > a lot of this. This page also has a boatload of links at the
    > bottom.
    >
    > As for perfect security I like to run Sendmail and BIND on
    > RedHat myself, unless I can get my hands on an IIS box. woot!
    > Sorry, it's late Saturday, thus I'm feeling mischievous.
    >
    > >
    > > Second question is: Has anybody an exact wizard, how to secure
    > > the FreeBSD machine. Imagine the situation, the only person
    > > who
    > > can do anything on that machine is me, and nobody other. I
    > > have
    > > set very restrictive firewalling, I have removed ALL tty's
    > > except
    > > two local tty's (I need to work on that machine), but there
    > > are
    > > still open port 25 and 53 (must be forever), so someone very
    > > tricky can compromite my machine.
    > >
    > > I'm a little bit paranoic, don't I :-)))))))
    > >
    > > Cheers,
    > >
    > > Peter Rosa
    > > _______________________________________________
    > > freebsd-security@freebsd.org mailing list
    > > http://lists.freebsd.org/mailman/listinfo/freebsd-security
    > > To unsubscribe, send any mail to
    > "freebsd-security-unsubscribe@freebsd.org"
    >
    >
    > =====
    > -----------------------------------------------------------
    > Emo is what happens when the glee club goes punk.
    > -----------------------------------------------------------
    >
    > __________________________________
    > Do you Yahoo!?
    > Yahoo! SiteBuilder - Free, easy-to-use web site design software
    > http://sitebuilder.yahoo.com
    > _______________________________________________
    > freebsd-security@freebsd.org mailing list
    > http://lists.freebsd.org/mailman/listinfo/freebsd-security
    > To unsubscribe, send any mail to
    "freebsd-security-unsubscribe@freebsd.org"
    >

    _______________________________________________
    freebsd-security@freebsd.org mailing list
    http://lists.freebsd.org/mailman/listinfo/freebsd-security
    To unsubscribe, send any mail to "freebsd-security-unsubscribe@freebsd.org"


  • Next message: Socketd: "Re: suid bit files + securing FreeBSD (new program: LockDown)"

    Relevant Pages

    • Re: Problem with periodically done scripts
      ... try my scripts, I never have any problems with them, so don't even understan ... >> Peter Rosa ... To unsubscribe, ...
      (freebsd-questions)
    • Re: Perl split() question (OT)...
      ... > This is a job for......capturing parens!!! ... Absolutely perfect!! ... Steve ... To unsubscribe, ...
      (freebsd-questions)
    • Defragment HDD
      ... HDDs under FreeBSD? ... Peter Rosa ... To unsubscribe, ...
      (freebsd-questions)
    • Re: suid files
      ... Peter Rosa wrote: ... Is there some list of files, installed from FreeBSD, which HAVE suid-bit ... /etc/periodic/daily/450.status-security which performs a daily check on setuid ... To unsubscribe, ...
      (freebsd-questions)
    • Re: Problem with periodically done scripts
      ... In the last episode, Peter Rosa said: ... Dan Nelson ... To unsubscribe, ...
      (freebsd-questions)