Of course, I wanted to say not OPTION but CHOICE :-)
Peter Rosa
----- Original Message -----
From: "Peter Rosa" <prosa@pro.sk>
To: <matthew@starbreaker.net>
Cc: "FreeBSD Questions" <freebsd-questions@freebsd.org>
Sent: Saturday, July 26, 2003 7:33 PM
Subject: Re: suid bit files and securing FreeBSD
> Hello Matthew,
>
> thank you very much. It's excatly you say. FreeBSD is my option because
of
> "historical reasons". Someone has installed it for me two years
ago, and
now> I love it (he installed it after two hacks and two reinstallations of
RedHat> Linux [I don't want to say, RHL is not good, but FBSD is better :-)
{now I
> see the storm, like with I'm christian...... mail to this list
:-))) } ] ).>
> Wow, such a short sentence I just produced :-)
>
> Peter Rosa
>
>
> ----- Original Message -----
> From: "Matthew Graybosch" <matthew@starbreaker.net>
> To: "Peter Rosa" <prosa@pro.sk>
> Cc: <freebsd-questions@freebsd.org>
> Sent: Saturday, July 26, 2003 7:22 PM
> Subject: Re: suid bit files and securing FreeBSD
>
>
> >
> > > Second question is: Has anybody an exact wizard, how to secure
> > > the FreeBSD machine. Imagine the situation, the only person who
> > > can do anything on that machine is me, and nobody other. I have
> > > set very restrictive firewalling, I have removed ALL tty's
except
> > > two local tty's (I need to work on that machine), but there
are
> > > still open port 25 and 53 (must be forever), so someone very
> > > tricky can compromite my machine.
> > >
> > > I'm a little bit paranoic, don't I :-)))))))
> >
> > Uhm, yes, you *are* just a wee bit paranoid. But it helps to be
> > paranoid if you're root on somebody else's machine. Great
power and
> > great responsibility, right?
> >
> > But if you're concerned with security uber alles, I'm
surprised you
> > didn't look into OpenBSD first. According to their site
> > (openbsd.org), they've had "only one remote hole in the
default
> > install, in more than 7 years!"
> >
> > FreeBSD certainly can be secured, but it appears that the developers
> > put performance and reliability first, and then security. Theo de
> > Raadt puts security first.
> >
> > --
> > Matthew Graybosch
> > http://www.starbreaker.net
> > "I am become root, shatterer of kernels."
> >
> > _______________________________________________
> > freebsd-questions@freebsd.org mailing list
> > http://lists.freebsd.org/mailman/listinfo/freebsd-questions
> > To unsubscribe, send any mail to
> "freebsd-questions-unsubscribe@freebsd.org"
> >
>