I have a recently cvsupped SMP 4.4-stable running great.

ipfilter is:

- blocking (all?) spoofs and smurfs
- blocking all packets on all ports except:
   - packets part of inside-initiated tcp/udp/icmp connections
   - tcp SYN packets on port 22 (ssh)

The setup is taken directly from the ipf-howto.

So all unwanted packets are dropped except for SYN/22 packets.  This
leaves me open to SYN flooding and username/password guessing.  After
some Google research, it appears FreeBSD is pretty good at combating
the flooding problem.  As for username/password guessing, there's not
much I can do about that other than picking a 'good' password and
checking the logs.  Oh and there could be an exploit in OpenSSH.

My naive view is that this setup looks -pretty good-.

My question is: how confident should I be?  Is it really worthwhile
for me to spend time setting up tripwire, kernel levels, etc?  How
many people are really that paranoid (paranoia being a good
thing)?  I am a software developer (this box is at work), so the more
time I spend developing software the better.

Thanks.
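
The policy described in the post, written out as ipfilter rules in the style of the ipf-howto. This is an added example, not part of the original message and not the poster's actual ruleset; the interface name `fxp0` and the host address `192.0.2.10/24` (documentation range) are assumptions.

```conf
# ipf ruleset sketch (added example, not the poster's file).
# Assumptions: fxp0 is the external interface; 192.0.2.10 on 192.0.2.0/24
# (documentation range) stands in for the host's real address.

# Anti-spoofing: drop inbound packets whose source claims to be private,
# loopback, or this host itself.
block in quick on fxp0 from 10.0.0.0/8 to any
block in quick on fxp0 from 172.16.0.0/12 to any
block in quick on fxp0 from 192.168.0.0/16 to any
block in quick on fxp0 from 127.0.0.0/8 to any
block in log quick on fxp0 from 192.0.2.10/32 to any

# Anti-smurf: drop packets addressed to the network and broadcast addresses.
block in log quick on fxp0 from any to 192.0.2.0/32
block in log quick on fxp0 from any to 192.0.2.255/32

# Inside-initiated traffic: the state entry created on the way out is what
# lets the replies back in.
pass out quick on fxp0 proto tcp from any to any flags S keep state
pass out quick on fxp0 proto udp from any to any keep state
pass out quick on fxp0 proto icmp from any to any keep state

# The only unsolicited inbound traffic allowed: new ssh connections.
# Later packets of an accepted connection match the state table, not this rule.
pass in quick on fxp0 proto tcp from any to 192.0.2.10/32 port = 22 flags S keep state

# Everything else is dropped in both directions.
block in quick on fxp0 all
block out quick on fxp0 all
```

Because every rule uses `quick`, the first match wins, so the spoof and smurf blocks must stay above the `pass in` rule for port 22.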

