Hi, > 13. feb. 2021 kl. 20:14 skrev sivasubramanian muthusamy > <6.inter...@gmail.com>: > > Hello, > > I am an ordinary computer user, installed 6.8 without connecting to > the Internet yet, (a friend and a technical expert recently advised me > in a different context: do not expose your machine to the Internet- > don't know what that means) > > OpenBSD intro says OpenBSD is secure by default. How is it secure by > default for an average user who does not get to ssh, does not use his > computer as a web-server or as a VM host, who does not have to share > screen etc? What ports are open by default and what applications start > by default? > > Before connecting the computer to the Internet, what other steps > should a very ordinary user take? Block a few more ports? Which ones?
To me this sounds like your friend does not know anything specific about OpenBSD, and in that scenario the advice is sound — «don’t put anything on the network that you don’t know how to operate». However, if you did run through the install, you will have noticed that it asked whether you wanted to run sshd. If you said no to that question, as far as I know there are no daemons listening on a default OpenBSD install. This is easy to verify by running a simple port scan from another host on your local network. By the way, you posted this to the wrong list. tech@ is for patches and patch related discussions only. I’m redirecting to misc@, which is a more appropriate forum. You might find useful information in one of my recent presentations, see https://undeadly.org/cgi?action=article;sid=20201109055713 <https://undeadly.org/cgi?action=article;sid=20201109055713> and links therein. All the best, Peter N. M. Hansteen — Peter N. M. Hansteen, member of the first RFC 1149 implementation team http://bsdly.blogspot.com/ http://www.bsdly.net/ http://www.nuug.no/ "Remember to set the evil bit on all malicious network traffic" delilah spamd[29949]: 85.152.224.147: disconnected after 42673 seconds.
signature.asc
Description: Message signed with OpenPGP
