2009/6/19 Tim Judd <taj...@gmail.com>: > Something dawned on me. FreeBSD/Open/Net are all well secured > systems. On an Internet-facing router, would applying a higher > kern.securelevel provide any better, tighter, higher security if the > machine was broken into? Given you need to lower the securelevel > before multiuser, it is a reasonable to think raising the securelevel > will give higher comfort feeling? > > > I know this is a logical/thinking/mind question, but that's what I'm asking > for. >
By all means raise your securelevel if you're happy with firewall rules, and don't ever need to change flags on files, but really, unless you expect root to be broken, it's kinda annoying. Just disallow root access to EVERYTHING, ssh, telnet (if you're mad enough to run it facing the net), ftp, etc. Chris -- A: Because it messes up the order in which people normally read text. Q: Why is top-posting such a bad thing? A: Top-posting. Q: What is the most annoying thing in a mailing list? _______________________________________________ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
