FreeBSD - a lesson in poor defaults
This page lists some of the changes I make to a vanilla install of FreeBSD for security hardening. Some changes to increase network performance or make things a bit more sane are also included. It only covers basic changes that a sysadmin can make to a running system.
It could also be considered a commentary piece on the state of security in FreeBSD's development ecosystem, highlighting their strong resistance to change and unwillingness to replace old cruft with modern alternatives.
The project's security page says the following:FreeBSD takes security very seriously and its developers are constantly working on making the operating system as secure as possible.
But is that really true? Let's find out.
ping: https://mastodon.social/@CuratedHackerNews/116549957974859573