securing FreeBSD
Roland Smith
rsmith at xs4all.nl
Wed Jul 13 22:15:16 GMT 2005
On Wed, Jul 13, 2005 at 01:05:43PM +0200, alexandre.delay at free.fr wrote:
> I would like to secure my FreeBSD server.
> I don't want anyone to be able to access to the disk using a bootable
> CD (or by setting the actual hdd to secondary and plug an other
> primary hdd).
Put the machine in a locked cabinet (which should have enough
ventilation holes). The cabinet should be bolted to the floor or the
wall. How sturdy the cabinet needs to be depends on what kind of attack
it should withstand, and for how long...
> I just don't want anyone to be able to hack this box nor any password.
Disable all unneeded services and accounts. Allow root login from the
console only. If you have physical access, disallow remote login
entirely. Use long random passwords. Keep on top of security
updates. Install intrusion detection systems.
Roland
--
R.F.Smith (http://www.xs4all.nl/~rsmith/) Please send e-mail as plain text.
public key: http://www.xs4all.nl/~rsmith/pubkey.txt
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 187 bytes
Desc: not available
Url : http://lists.freebsd.org/pipermail/freebsd-questions/attachments/20050714/bab795c2/attachment.bin
More information about the freebsd-questions
mailing list