Secure FreeBSD 13.1

2022 07 03

Install ClamAV

# pkg install clamav

Edit rc.conf

# vi /etc/rc.conf

Add the following.

clamav_freshclam_enable="YES"

Secure SSH
Open the SSH configuration file and update the line PermitRootLogin

# vi /etc/ssh/sshd_config

Look for the following line and if needed change to No.

PermitRootLogin No

Save changes to sshd_config

# wq!

Restart SSH.

# service sshd restart

Editing /etc/rc.conf to set the following services that will start or will not start at boot time


firewall_enable="YES"

firewall_quiet="YES"

firewall_type="workstation"

firewall_myservices="22/tcp"

firewall_allowservices="any"

firewall_logdeny="YES"



sshd_enable=”YES”



clamav_freshclam_enable="YES"



clear_tmp_enable="YES"



apache24_enable="NO"

mysql_enable="NO"



sendmail_enable="NO"

sendmail_submint_enable="NO"

sendmail_outbound_enable="NO"

sendmail_msp_queue_enable="NO"

This is by no means a complete list but it is a good starting point for securing your FreeBSD 13.1 system.

Digital Media & Research Services

How To

Secure FreeBSD 13.1

2022 07 03