DSA - JCR wrote:
HI all again
I would like to know if there is a method to know how well protected is my
system (FreeBSD 6.2) in order to not permit a user to enter as root.
I need it because I have intellectual propierty in that box, and I know
some people is interested on it.
I use inetd, and I have all ports disable except Samba because it is a
repository for Windows Docs in a network. (swap is not enable).
My root password is almost 20 chars with numbers, normal and capitals
there is a user that belongs to operator with a script for (un)mounting
USB disk in which I trap almost all signals (about 15).
thanks in advance
Desarrollo de Software Atlantico
You do realize this is not an easy question to answer, right?
Security is mostly about applying good practices, and is more of a
(never ending) process and not a system.
FreeBSD gives you all the tools you need to build a very secure system,
but it is up to you.
First things to consider: what you want to protect, from whom, what kind
of access (if any) they have to the machine.
A strong root password is good, but not of much use if someone can walk
to the machine and reboot it to single user mode, or even worse get the
disk and run.
You already say about a user with operator rights. If it is only a mount
/ umount operation he needs to perform, a very specific sudo would be
better IMHO. And if it is really local users you are concerned about, I
would suggest encryption. And as an extra measure, mark the system
console as insecure in /etc/ttys
email@example.com mailing list
To unsubscribe, send any mail to "[EMAIL PROTECTED]"