how would i secure freebsd

Dark Atheist

OSNN Veteran Addict
Staff member
Political User
#1
all of the guides i used to use are extremely out dated, the server will be running ftp and web, shh also but this will be blocked at the router, can anyone offer me a few sites i could look at?

Thanks
 
#2
FreeBSD is pretty secure OOB much more so than the popular Centos/Fedora/Suse anyway.

Make sure that /etc/ssh/sshd_config is set for protocol 2, no root login, not empty passwords.

You can be super secure with regards root access by installing sudo and configuring trusted users to sudo to root, remove the password on the root account and setting all the TTY's to secure ( I think that disables console root access as well)

Don't run services you don't need. (FreeBSD runs only ssh and sendmail OOB) disable sendmail from starting by putting sendmail_enable=NONE in /etc/rc.conf.

Figure out how to configure pf :)
 

X-Istence

*
Political User
#3
For a really secure FTP server, use vsftpd, and for web take your pick, i'd personally suggest lighttpd, while it may take a bit longer to get it configured if you are used to Apache (or use a lot of software that requires Apache) it in general scales better and uses less resources.
 
#6
dr_death_uae has the best advice :) keep a note of the permissions and flag changes though else updating freebsd builds/versions will fail and break your system.

Make the permissions/flag changes before setting kern_securelevel.
 

Dark Atheist

OSNN Veteran Addict
Staff member
Political User
#7
ok one other thing could using the wrong fdisk command wipe mount points? if so any idea on how to get them back ?
 

Members online

No members online now.

Latest posts

Latest profile posts

Perris Calderon wrote on Electronic Punk's profile.
Ep, glad to see you come back and tidy up...did want to ask a one day favor, I want to enhance my resume , was hoping you could make me administrator for a day, if so, take me right off since I won't be here to do anything, and don't know the slightest about the board, but it would be nice putting "served administrator osnn", if can do, THANKS

Been running around Quora lately, luv it there https://tinyurl.com/ycpxl
Electronic Punk wrote on Perris Calderon's profile.
All good still mate?
Hello, is there anybody in there? Just nod if you can hear me ...
Xie
What a long strange trip it's been. =)

Forum statistics

Threads
61,969
Messages
673,295
Members
89,015
Latest member
arrangel