Newbie Security Concerns
atkielski.anthony at wanadoo.fr
Tue Feb 8 12:34:02 PST 2005
crzdgns1 at starpower.net writes:
> I am a new user of UNIX and FreeBSD and have never had to do any
> administration or security configuration myself before. I am running
> IP Firewall on FreeBSD-5.3-RELEASE. Last night I was checking my
> logs and discovered that sshd reported many illegal users. Does
> that mean my system i compromised? As configured, there are only
> three accounts on my system, root, toor, and one user account for
> me. I suppose you need more information from me, but am not sure
> what to provide. Any help would be greatly appreciated.
FreeBSD is no more or less vulnerable than most other operating systems.
It can be very secure if you are careful about what you run on the
system, and it can be very insecure if you run everything under the sun
without taking any precautions.
Fortunately, there aren't as many kiddies trying to break into UNIX as
there are trying to break into Windows these days, but at the same time,
a majority of reported security bugs these days seem to be on Linux.
A more important question is the use you intend to make of the system.
A desktop system can be secured more easily than a server, because a
desktop doesn't have to answer unsolicited incoming traffic from the
Net, whereas a server _must_ do this, by definition. So servers always
have a few doors open, whereas you can close all the doors on a desktop.
The only virus infection I've ever had, ironically, was on FreeBSD, when
a worm found its way into the Web server. It was a software bug, and
since the HTTP port _must_ be open in order for the server to handle my
Web site, I couldn't just lock things out. The worm didn't get far,
though, because, when it tried to call its master, the reply from its
master was blocked by my firewall. Still, that's the only virus
infection I've had in decades of working on computers, as far as I can
More information about the freebsd-questions