[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: secure by default
Speaking of apache...is the version of apache that comes with openbsd
modified to work "more secure", or is it just a default apache install...?
On Fri, 31 May 2002, Al Lipscomb wrote:
> >> being a relative newbie to openbsd and having done my first
> > install just last week i have a question.
> > the default install as far as i am aware gives you a box that
> > just has sshd listening and not much (if anything else). i am
> > looking to use openbsd in a variety of ways one being an
> > intranet server, so to do this i need to switch on apache,
> > install php and possibly mysql.
> > my question is with those services now switched on (apache,
> > php & mysql) how secure is my openbsd box now? compared to my
> > slackware / red hat / apple box?
> > my thoughts are yes you can say the default install is tight
> > as a ducks arse but if you want to do anything usefull
> > (apache, samba, named, etc). is it as secure (or unsecure) as
> > any other operating system.
> Hard question to answer. If you stayed with the defaults you are OK.
> The more changes you make the more chances of a problem.
> I would ask what does your PF rules look like?
> By making sure nothing but the traffic you desire hits the services on
> the box you reduce the chances that an exploit is exposed.