securing an older servezr

securing an older servezr

Post by Etom » Thu, 04 Apr 2002 20:57:48



hi,
i have a freebsd 4.0 system running and havenet updated the sources in a
long tme, and frankly dont have time for the moment

how can i secure this system?  what are the "biggies" that can be
exploited?  I've updated samba, FTP, sendmail, shut down all services
(especially telnrt), but am wondering if there's others.

also, i run a portscan and see that rpc's are enabled how can i shut them
off as i tried in /etc/services

thanks for your help


SDF Public Access UNIX System - http://sdf.lonestar.org

 
 
 

securing an older servezr

Post by fred » Fri, 05 Apr 2002 03:24:18



Wrote:

>hi,
>i have a freebsd 4.0 system running and havenet updated the sources in a
>long tme, and frankly dont have time for the moment

>how can i secure this system?  what are the "biggies" that can be
>exploited?  I've updated samba, FTP, sendmail, shut down all services
>(especially telnrt), but am wondering if there's others.

>also, i run a portscan and see that rpc's are enabled how can i shut them
>off as i tried in /etc/services

>thanks for your help


>SDF Public Access UNIX System - http://sdf.lonestar.org

I believe what your looking for is set in /etc/rc.conf

add the following

portmap_enable="NO"

reboot that should do it.

fredh

 
 
 

1. securing an older Linux box

Hi:

I'm running an older linux box - RH 3.0.3 kernel 1.2.13 - as
a web server/newserver. I've buttoned it up w/ restrictive
hosts.allow and hosts.deny and have run cops and plugged the
holes generated therefrom. Any other suggestions for diags
and such? Thanks!
--


L I N U X
Savannah, Ga
http://pw1.netcom.com/~bmcarth

2. scheduling ftp transfers

3. ncftp tries downloading older files, older than specified with -n

4. Idea: Iconic representation of Sender ( Kmail + patches )

5. Secure Secure Secure

6. need libraries, where???

7. secure/non-secure terminal designation

8. SW Technology - Is it good?

9. Secure Server -OK, but what about Secure E-Mail?

10. secure/non-secure msg when viewing webpage

11. use of secure and non secure FTP on the sme server

12. secure website error: "secure handshake failed"

13. How secure si secure?