General Security Issues
db
db at traceroute.dk
Mon Mar 1 10:34:16 PST 2004
On Mon, 1 Mar 2004 16:48:07 +0200
"Konstantinos Fotiadis" <bookman at oteglobe.net> wrote:
> The box has no services running expect apache and we telnet to it via
> SSH. Main function of this box will be graphing various interfaces via
> rrdtool. So, I would like to ask if there is any other precautions
> that I must take in order to sleep safe at night. Should I check for
> any other opened ports ?
sockstat -l -4
>Should I do something with the kernel to be
> more secure ? I know this ain't so easy, but let's say my main scope
> is to get a least a decent sleep :-)
Try these ports (all under "security"):
lockdown
chkrootkit
portaudit
tripwire
snort
freebsd-update
just to name a few. Of course you should read about OpenSSH and Apache
security and keep them up to date. Maybe even run sshd at some high port
like 56789?
br
db
More information about the freebsd-security
mailing list