Hi. I've set up several firewalls with OpenBSD but I have yet to go to
any extremes regarding "hardening". So far I have updated the source
(stable), recompiled the system & kernel, removed the source code,
turned off inetd, and set up a tight pf.conf. I have been reading up
on an interesting st
On Tuesday 07 March 2006 23:42, Peter wrote:
> Hi. I've set up several firewalls with OpenBSD but I have yet to go to
> any extremes regarding "hardening". So far I have updated the source
> (stable), recompiled the system & kernel, removed the source code,
> turned off inetd, and set up a tight
On Tue, Mar 07, 2006 at 11:42:23PM -0500, Peter wrote:
> Hi. I've set up several firewalls with OpenBSD but I have yet to go to
> any extremes regarding "hardening". So far I have updated the source
> (stable), recompiled the system & kernel, removed the source code,
> turned off inetd, and set u
* Joachim Schipper <[EMAIL PROTECTED]> [2006-03-08 12:13]:
> 1. Use sudo exclusively - set an empty or nonsense root password
Stupid - if there is only one user with sudo-ability then
this is the same as just having root. if there are more, there are
now two passwords out there to g
Thanks to the responders for their insights. I have a lot to consider
here. Honestly, I did not feel comfortable removing a ton of
executables. I'll probably put back the source I removed as well.
--
Peter
Tired of spam? Yahoo! Mail has the best spam protection around
http://mail.yahoo.com
On Wed, Mar 08, 2006 at 01:58:18PM -0700, Bob Beck wrote:
> * Joachim Schipper <[EMAIL PROTECTED]> [2006-03-08 12:13]:
>
> > 1. Use sudo exclusively - set an empty or nonsense root password
>
> Stupid <...>
> > 2. Use public key authentication only for sshd(8), and restrict
> > whic
6 matches
Mail list logo