Freebsd

FreeBSD hardening with Lynis

This article provides tips for FreeBSD hardening by using a powerful tool named Lynis. This script will perform an extensive audit to secure your systems.

Summary of FreeBSD hardening with Lynis

Lynis development has its roots on a FreeBSD system, therefore FreeBSD hardening is also easy and supported when using Lynis. People who want to audit and harden their FreeBSD system will discover Lynis to be a powerful tool for this purpose. In this article we will focus on how to audit your system with Lynis. Ports Lynis is available from the ports tree and usually the version is close or at the latest version.

Read the full article…

Vulnerable packages on FreeBSD: pkg audit

FreeBSD has a powerful package manager tool audit your installed software packages. Run a security scan with pkg audit and keep your system secured.

Summary of Vulnerable packages on FreeBSD: pkg audit

Auditing FreeBSD with pkg audit FreeBSD is definitely another beast than Linux. In some areas, FreeBSD is really a powerful operating system. Package management is maybe not the first one you may think of. Typically FreeBSD users have two options when it comes to installing packages. Ports collection The ports tree allows the administration to build software they need, with the compilation flags he or she prefers. This makes the software optimized and typically the last versions are available.

Read the full article…

What is the ‘toor’ user on FreeBSD?

When installing and using FreeBSD, you may wonder why there are two users with user ID of zero. What is this second user 'toor' and do we need it?

Summary of What is the ‘toor’ user on FreeBSD?

What is the ’toor’ user on FreeBSD? Linux and *BSD systems have by default a root user installed. As it has a user ID of zero (0), it gains the highest level of permissions from the kernel. On FreeBSD systems, there is also the ’toor’ user, with the equal high-level user ID of zero. It is simply the reversed version of ‘root’, and installed as a backup account. By default, it has no shell assigned, so it can’t log in.

Read the full article…