The Security Risks You Face


"Perfect security" is a myth; only superhuman effort can keep a system so completely buttoned up that no attack can ever get through. The next best thing, however, is to know which areas of your system are at greatest risk and how those risks can be combated.

Security risks for a network server can be grouped into three major categories:

  • Root compromise: An attacker takes advantage of unencrypted transmissions or known programming weaknesses in server software (most commonly buffer overflows, which result from inadequate input boundary checking) to gain super-user access to the system. He then installs tools of his own to conceal his presence from your system-monitoring tools (such as last and ps) and can steal any of your critical data or use your system as a base point for further hacking activities.

  • Privacy compromise: If network traffic to and from your system is not encrypted (scrambled), an attacker can view any of it, including passwords (potentially leading to root compromise) or any user's critical or private communications.

  • Denial of service: An attacker (or a widespread network of attackers, often made up of unwitting "zombies") uses brute-force methods such as flooding your server with large amounts of legitimately constructed traffic, swamping its ability to serve normal clients and potentially crashing the system.

Within each of these categories of security risks, the most common threats result from these specific security weaknesses:

  • Insecure (weak) passwords: Passwords that password-guessing software can recover by trying common words and sequences.

  • Clear-text services: Services in which passwords and other sensitive information can be obtained just by "sniffing" the unencrypted data packets on the wire.

  • Unnecessary and exploit-prone services: If you don't need to provide a service, don't run it. It can only cost you in the end.

  • Open SMTP relaying: Allowing spammers to use your SMTP server as an open relay for broadcasting junk mail.

  • Unfiltered network access: Without a firewall, unauthorized or undesirable traffic reaches your machine unchecked; run one.

  • Outdated and vulnerable software: The older a piece of software is, the greater the chance that someone has found a way to break in through it.

Each of these weaknesses is a potential problem on FreeBSD in its default configuration. The sections that follow show you how to close these security gaps and find the necessary tools to maintain a system that will stand up to the inevitable hacker (or, more properly, "cracker") attacks that will be leveled against it.

Note

Marcus Ranum outlines the Six Dumbest Ideas in Computer Security at http://www.ranum.com/security/computer_security/editorials/dumb/. Consider it required reading!

FreeBSD 6 Unleashed
ISBN: 0672328755
Year: 2006
Pages: 355
Authors: Brian Tiemann