Hi all,
I'm struggling with getting an overview of all the services installed, and what configuration I have to check.
How do I find out what services are active in my fresh FreeBSD install?
How do I find out which ones are present but inactive?
How do I identify all the rc.conf settings that pertain to a service?
How do I make sure I didn't overlook an important rc.conf setting (or other setting)?
(Substitute "feature" for "service" as appropriate.)
Background: I want to set up a FreeBSD box that's secure. It is going to run a pretty minimal install (otherwise I wouldn't bother trying to understand it all), and I want to know the weakest links so I know what to strengthen first, or where to look first in a post-mortem investigation.
I do assume that FreeBSD is pretty secure by default.
I just want to be slightly smarter than "just assume it's safe", because "just assume" and "secure" Just Don't Mix.
If possible, I'd prefer a strategy to use over a plain list of things to check, which would become less useful as FreeBSD evolves.
Though a plain list is better than nothing at all, so if there's no good strategy that a FreeBSD newb like myself can just follow, feel free to collect list items anyway !
Any insights appreciated!
I'm struggling with getting an overview of all the services installed, and what configuration I have to check.
How do I find out what services are active in my fresh FreeBSD install?
How do I find out which ones are present but inactive?
How do I identify all the rc.conf settings that pertain to a service?
How do I make sure I didn't overlook an important rc.conf setting (or other setting)?
(Substitute "feature" for "service" as appropriate.)
Background: I want to set up a FreeBSD box that's secure. It is going to run a pretty minimal install (otherwise I wouldn't bother trying to understand it all), and I want to know the weakest links so I know what to strengthen first, or where to look first in a post-mortem investigation.
I do assume that FreeBSD is pretty secure by default.
I just want to be slightly smarter than "just assume it's safe", because "just assume" and "secure" Just Don't Mix.
If possible, I'd prefer a strategy to use over a plain list of things to check, which would become less useful as FreeBSD evolves.
Though a plain list is better than nothing at all, so if there's no good strategy that a FreeBSD newb like myself can just follow, feel free to collect list items anyway !
Any insights appreciated!