Security Basics mailing list archives
RE: Newbie: OpenBSD security
From: Will Munkara-Kerr <WillM () cs nsw gov au>
Date: Thu, 24 Oct 2002 13:01:14 +1000
1st googled "Hardening OpenBSD": http://geodsoft.com/howto/harden/ Also you might like to check out: http://bsdvault.net/sections.php?op=viewarticle&artid=92 Basically, do the standard- shut off unneeded daemons, check http://www.openbsd.org/errata.html daily (hourly even), tighten up your openssh options, configure pf, install snort and aide and portsentry, nessus yourself every so often, back up, and actually read the inbuilt pre-configured openbsd reports.. daily insecurity report etc. oh, and leave your computer switched off, buried in a secret basement that no one, not even yourself knows the location of, removed of any networking devices, monitor, keyboard, and relocated to random global basements at indeterminate times, by a socially outcast deaf, dumb, blind mute, who has no understanding of computers. good luck, and have fun... this is cool too, but I implement it far less than I should: http://www.backwatcher.org/writing/howtos/obsd-encrypted-filesystem.html Can't help you to much with the sms stuff, but its possible... we run it at work (not from openbsd though) Afaik, it works by certain mail getting forwarded to a mail server which has sms capabilities, so.... you could cron a email report from openbsd to such a server (which forwards to your mobile) letting you know that everything is ok, but directly from your openbsd machine to your mobile.... not too sure) .will
-----Original Message----- From: His Imperial Majesty Christopher Calderon [mailto:chrisc () forpresident com] Sent: Wednesday, 23 October 2002 4:59 AM To: security-basics () securityfocus com Subject: Newbie: OpenBSD security I am new to OpenBSD and other Unices. I have some Linux experience. I can install the operating system, install software, delete software, add/rm users, etc. How can I strengthen OpenBSD's good security even more? I would like it as tight as possible. I will probably be the only user on the system. I can see myself SSH'ing in and maybe running Apache. Is there software out there that could allow SMS messages to my cell phone to let me know my OpenBSD box at my house is OK and not compromised, or is my crown on my head put on too tightly? Cheers, H.I.M Christopher Calderon
"This message is intended for the addressee named and may contain confidential information. If you are not the intended recipient, please destroy it and notify the sender. Views expressed in this message are those of the individual sender, and are not necessarily the views of the Central Sydney Area Health Service."
Current thread:
- Newbie: OpenBSD security His Imperial Majesty Christopher Calderon (Oct 23)
- RE: Newbie: OpenBSD security Ghaith Nasrawi (Oct 24)
- RE: Newbie: OpenBSD security Vince (Oct 25)
- Re: Newbie: OpenBSD security Omas Jakobsson (Oct 25)
- <Possible follow-ups>
- RE: Newbie: OpenBSD security Will Munkara-Kerr (Oct 24)
- RE: Newbie: OpenBSD security Ghaith Nasrawi (Oct 24)