On Tuesday 11 January 2005 12:46 am, artware wrote: > Thanks for the input, everyone! Port-knocking is overkill at this > point, but I did do the following things to sshd_config: > > Set port to non-default > PermitRootLogin no > LoginGraceTime 45s > AllowUsers lists only one user -- me. :) > > I also did route -nq add -host xxx.xxx.xxx.xxx 127.0.0.1 -blackhole... > > I think telnet was disabled by default in the base 5.3 install... > > I know this attack was probably random, but the whole reason I took > over as sysadmin and switched to FreeBSD is that our RHE box was being > broken into almost nightly -- so I'm sensitive to security concerns. > Is there anything else I should consider doing to the stock FreeBSD to > fortify it? It already feels about 100 times more secure than RH...
You might consider using pf as a stateful packet filter. You could for example limit SSH connections to certain ip addresses, redirect connections at port 25 to spamd, etc, etc. There's a very good user's guide & overview of pf at: http://www.openbsd.org/faq/pf/index.html Jay _______________________________________________ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"