Secure Freebsd
Results 1 to 2 of 2

Thread: Secure Freebsd

  1. #1
    Senior Member linuxcomando's Avatar
    Join Date
    Sep 2001

    Secure Freebsd

    I not a big fan of writing tutorials because the way i see it most of the information is already out there and probley writen better then i could have anyway.

    However, with the rise of script kiddies i thought i would throw this out. Several of my/clients webservers run on freebsd. The main reason for this is the jail command.
    Man Page

    Its been around since freebsd 4.2 i think i forget though so dont complain to me if its wrong.
    What does it do? You can have it so your actually running another freebsd file system on top of the orignal root file system

    so like if user log in through ssh. To them it would be / but in reallity it would be /jail/
    Whats cool is no process in that file system actually affect the real file system. So if on the host system you did a chflags +i plus use kernel secuity levels you could make it so that no file could be deleted,changed,modified no matter what!......and say you have apache,ssh,ftp, all open and a new exploit comes out, they would all be running in the jail so if they got root they would have root in the jail and not the actual system. But since they couldnt change any files it would really matter anyway. I could go on for days on how you can make a damn near unhackable server but this was just a public anouncement i suppose.

    You want to know how secure it is? I had a server set up at defcon 10 and 11 and gave the root access over ssh to damn near 40-50 pretty illeat peps and they didnt even dent it.
    There has been one exploit but that was for 4.3. If there are any other one i would be greatful to be aware of them.

    If you have any questions IM me
    I toor\'d YOU!

  2. #2
    AO Antique pwaring's Avatar
    Join Date
    Aug 2001
    Erm, where is the tutorial element in this thread? You haven't shown anyone how to setup jail, FreeBSD or anything else.
    Paul Waring - Web site design and development.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts