Hi,
To all the things that follow (sorry about top reply) I'd add a clever
configuration of tcpwrapper (/etc/hosts.allow) whenever it is
possible: allows to open a service to a list of given clients only.
It is just another layer of security.
Olivier
> > So far I have had FreeBSD systems only i
--On Wednesday, February 20, 2008 17:22:02 + Matthew Seaman
<[EMAIL PROTECTED]> wrote:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Zbigniew Szalbot wrote:
So far I have had FreeBSD systems only in office so I used my hardware
firewall (Dlink DFL 700) to block access to services on po
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Zbigniew Szalbot wrote:
> Hello,
>
> 2008/2/20, Matthew Seaman <[EMAIL PROTECTED]>:
>> Make sure you track [EMAIL PROTECTED] and apply any system patches
>> in a timely manner. Also make full use of portaudit(1) and generally ensure
>> that you
On Wed, Feb 20, 2008 at 05:22:02PM +, Matthew Seaman wrote:
This is a very nice summary.
I will steal it and post it on the wall in our cube-maze hallway.
Thanks,
jerry
> -BEGIN PGP SIGNED MESSAGE-
> Hash: SHA256
>
> Zbigniew Szalbot wrote:
>
> > So far I have had FreeBSD sy
Hello,
2008/2/20, Matthew Seaman <[EMAIL PROTECTED]>:
> Make sure you track [EMAIL PROTECTED] and apply any system patches
> in a timely manner. Also make full use of portaudit(1) and generally ensure
> that you are running up to date versions of any ported software.
Thaaanks! Ah... this brin
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Zbigniew Szalbot wrote:
> So far I have had FreeBSD systems only in office so I used my hardware
> firewall (Dlink DFL 700) to block access to services on ports 22, etc.
> Now, at the ISP I won't be able to do this so I will need to be a lot
> more
On Wed, 20 Feb 2008 17:02:22 +0100
"Zbigniew Szalbot" <[EMAIL PROTECTED]> wrote:
>
> In a matter of weeks we will be moving our office "server" replacing
> it with a dedicated server machine functioning at an ISP's location. I
> have spoken to them and they use Fedora so they won't be able to help
On Feb 20, 2008 11:02 AM, Zbigniew Szalbot <[EMAIL PROTECTED]> wrote:
> Dear all,
>
> In a matter of weeks we will be moving our office "server" replacing
> it with a dedicated server machine functioning at an ISP's location. I
> have spoken to them and they use Fedora so they won't be able to help
Dear all,
In a matter of weeks we will be moving our office "server" replacing
it with a dedicated server machine functioning at an ISP's location. I
have spoken to them and they use Fedora so they won't be able to help
me much (besides we're not really prepared to pay them for
administrative work