Subject: Re: Securing NetBSD
To: Emre Yildirim <emre@srengineering.com>
From: Jon Lindgren <jlindgren@slk.com>
List: netbsd-users
Date: 02/28/2001 06:19:20
On Tue, 27 Feb 2001, Emre Yildirim wrote:
[snip]
> There isn't really much to it, since NetBSD is fairly secure by
> default. Make sure you apply the latest security patches (especially
> if you aren't using -current), and disable all services but ssh,
> since this is going to be a firewall. And of course don't give out
> user accounts on your firewall. After that you should be set.
I wouldn't even enable ssh. If it's a firewall, the only way to get to it
should be via the console. Opening it up to any form of remote access
gives rise to the possibility of something, somehow gaining access and
comprimising the security of any networks or hosts involved.
Just my $0.02
-
Jon
--------------------------------------------------------------------
- The opinions expressed are not necesarily those of my employer.
"I wonder how many people actually read my .sig?"