Hardening FreeBSD, does anyone have any documentation that may help?

[Chris]

On 20/11/06, Jeremie Le Hen <jeremie at le-hen.org> wrote:
> Hi Vini,
>
> (Sorry for sending this mail twice, I've unintentionally removed the
>  From: line in my previous email.)
>
> On Thu, Nov 09, 2006 at 11:54:10PM +1100, Vini Engel wrote:
> > Hi guys,
> >
> > This may not seem to be the best place to ask for this but as this is
> > supposed to be a list for high level discussions I am assuming that some
> > people have must know how to harden FreeBSD and/or may have articles and
> > other docs that can be shared.
> >
> > We have a set of simple policies that are used to harden FreeBSD
> > machines but I would like make it better and also would like to see how
> > people do it out there so that I can pick the ideas that we find
> > interesting/useful for us here and improve our hardening skills.
> >
> > Our machines range from dns servers to mail servers and a few
> > router/firewalls. Some of them don't have to have anything special but
> > some others have to comply with the policy of the highly protected
> > networks that they live in, hence the reason why I want to improve my
> > hardening skills.
> >
> > Any info will be greatly appreciated!
>
> I have a patch to integrate ProPolice into FreeBSD RELENG_6.
> Though this is obviously not officially supported by FreeBSD,
> some people (including me) use it on production servers.  It
> might be worth using it, depending on which security measures
> you are looking for.
>
> See http://tataz.chchile.org/~tataz/FreeBSD/SSP/
>
> Regards,
>
> --
> Jeremie Le Hen
> < jeremie at le-hen dot org >< ttz at chchile dot org >
> _______________________________________________
> freebsd-hackers at freebsd.org mailing list
> http://lists.freebsd.org/mailman/listinfo/freebsd-hackers
> To unsubscribe, send any mail to "freebsd-hackers-unsubscribe at freebsd.org"
>

would love to see this in the base especially considering its been in
dragonfly and openbsd for some years now.

chris