Daniel Pittman wrote:
It looks to me like either ipf or ipfilter are equally good, and have
about the same capabilities,
While you are getting started and to test rules you could use
/etc/hosts.allow also.
You may already be familiar with it from other OSs.. We use to keep a
list of what IPs can ssh into our machines. Biggest drawback.. only
works with apps that support it.
I have, at the moment, 5.4-RELEASE #0 according to uname. I suspect
that means the very first release of 5.4, correct? In which case, I
need to update the FreeBSD core.
You want to use cvsup to update the source.
So: how can I bring this up to the latest stable release in the 5.4
series?
My advice is to get cvsup installed, get latest source, recompile all.
Specially now that you are not in production. Should have all the info,
but whatever aspects are not clear you can ask here in the list.
Once that is done, is there any equivalent to the 'portaudit' tool to
check the system and warn me if there are outstanding changes on the
release branch?
There are several audit tools in the ports. I am not familiar with any,
but until you find one you like you can use mtree.
Also for machines that you have physical access to or have remote kvm
you could also look at the security profiles. Basically you can set
rights such that a number of changes can only be done in single user
mode. I have never used it, but I think it could possibly help to make a
machine more tamper resistant.
_______________________________________________
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"
