On a semi-related note, check out SOFI (Simple OpenBSD Firewall Interface) at
http://heily.com/mark/sofi/
It does some nice things with setting up firewall and nat conf files. Also installs a really pretty web interface to some command-line network/admin tools. However, that comes with it's own security implications; caveat emptor. Would HIGHLY suggest using https and setting up access controls. This is not done by default.
In general, I really like the package. It can quickly and easily handle most basic firewall configurations, and while I wouldn't use them for real hardcore troubleshooting the web interface tools are nice for "quick-looks" at what's happening.
Good luck.
-Brian
--On Thursday, October 24, 2002 08:23:34 AM +0200 Omas Jakobsson <[EMAIL PROTECTED]> wrote:
Well... You should read up on systrace included with OpenBSD, in case you want to sandbox for example Apache, so that it also in a sense can under the right circumstances protect from some unknown attack.If you like an SMS message sent you if a problem occurs, the first thing you should do is to think about wich messages you want sent to you (there is alot you know) and then find an mobileoperator who can give you an mailaccount that passes on all incoming mail at a certain address as SMS to your phone. After that, a quick look on how OpenBSD handles sending out mail when an error occurs (syslog.conf is a good tip) You can also watch your machine even closer with Snort (http://www.snort.org), a very good IDS(Free) Regards /Omas Jakobsson His Imperial Majesty Christopher Calderon skrev:I am new to OpenBSD and other Unices. I have some Linux experience. I can install the operating system, install software, delete software, add/rm users, etc. How can I strengthen OpenBSD's good security even more? I would like it as tight as possible. I will probably be the only user on the system. I can see myself SSH'ing in and maybe running Apache. Is there software out there that could allow SMS messages to my cell phone to let me know my OpenBSD box at my house is OK and not compromised, or is my crown on my head put on too tightly? Cheers, H.I.M Christopher Calderon
