Reply
 
Thread Tools Display Modes
  #1  
Old 10-14-2005, 01:43 AM
mianwright mianwright is offline
Junior Member
 
Join Date: Aug 2005
Location: Austin, TX
Posts: 22
Thanks: 0
Thanked 0 Times in 0 Posts
Default Favorite Security Tweaks
I have really enjoyed this forum and I think PC-BSD is great. I have been playing around with FreeBSD for over a year and PC-BSD is a great leap forward in simplicity and style. Well done everyone.

I am running OpenBSD on another box that I have but the community of support is just not as strong as FreeBSD. I would like to think that my FreeBSD box is locked down as tight as my OpenBSD but I know that's not true. I also wonder if Kris has disabled everything that the typical desktop user wouldn't use that might be a security issue.

My question to y'all is: what are your favorite security tweaks? What do I need to turn off? I don't need a webserver, ftp, mail server, none of it. Your thoughts would be much appreciated.

Ian
Reply With Quote
  #2  
Old 10-14-2005, 02:34 AM
Charles Charles is offline
Senior Member
 
Join Date: May 2005
Posts: 3,710
Thanks: 0
Thanked 0 Times in 0 Posts
Default
I like to recompile kernel with ipfw.
Reply With Quote
  #3  
Old 10-16-2005, 09:44 AM
mianwright mianwright is offline
Junior Member
 
Join Date: Aug 2005
Location: Austin, TX
Posts: 22
Thanks: 0
Thanked 0 Times in 0 Posts
Default
cool. That is exactly what I was curious about. Isn't that the same firewall that comes standard on the Mac OSX? Do you use a GUI? I also disabled inetd and sendmail on OpenBSD but I am not sure their status in PC-BSD.
Reply With Quote
  #4  
Old 10-16-2005, 01:49 PM
antik antik is offline
Senior Member
 
Join Date: Jul 2005
Location: Estonia
Posts: 3,610
Thanks: 0
Thanked 0 Times in 0 Posts
Default
Originally Posted by mianwright
cool. That is exactly what I was curious about. Isn't that the same firewall that comes standard on the Mac OSX? Do you use a GUI? I also disabled inetd and sendmail on OpenBSD but I am not sure their status in PC-BSD.
You can read /etc/defaults/rc.conf file to disable default values DO NOT EDIT! Please add disable linest to /etc/rc.conf for this.
__________________
"All parts should go together without forcing. Therefore, if you can't get them together again, there must be a reason. By all means, do not use a hammer." -- IBM maintenance manual, 1975
Reply With Quote
  #5  
Old 10-18-2005, 12:00 AM
mianwright mianwright is offline
Junior Member
 
Join Date: Aug 2005
Location: Austin, TX
Posts: 22
Thanks: 0
Thanked 0 Times in 0 Posts
Default
From what I read in rc.conf. inetd is not enabled.
Sendmail is not enabled either but I did find this. sendmail_outbound_enable="YES" running.
I am curious if this is the default setup on FreeBSD or did Kris tweak these?
is "outbound" a security risk?
Reply With Quote
Reply

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump

Similar Threads
Thread Thread Starter Forum Replies Last Post
Tweaks for running smoothly on a ThinkPad T40 Laptop danytancou Tips and Tricks 3 04-27-2010 09:41 PM
What's your favorite movie? Charles The Lounge 50 02-26-2007 10:33 PM
What is your favorite version of PC-BSD? TerryP The Lounge 14 01-04-2007 04:04 PM
Mozilla memory usage tweaks antik Tips and Tricks 0 05-03-2006 06:34 PM
Whats your favorite IDE? madman The Lounge 6 03-17-2006 02:06 PM


All times are GMT. The time now is 05:31 PM.


Powered by vBulletin® Version 3.8.5
Copyright ©2000 - 2014, Jelsoft Enterprises Ltd.

Copyright 2005-2010, The PC-BSD Project. PC-BSD and the PC-BSD logo are registered trademarks of iXsystems.
All other content is freely available for sharing under the terms of the Creative Commons Attribution License.