Secure FreeBSD 13.1
2022 07 03
Install ClamAV
# pkg install clamav
Edit rc.conf
# vi /etc/rc.conf
Add the following.
clamav_freshclam_enable="YES"
Secure SSH
Open the SSH configuration file and update the line PermitRootLogin
# vi /etc/ssh/sshd_config
Look for the following line and if needed change to No.
PermitRootLogin No
Save changes to sshd_config
# wq!
Restart SSH.
# service sshd restart
Editing /etc/rc.conf to set the following services that will start or will not start at boot time
firewall_enable="YES"
firewall_quiet="YES"
firewall_type="workstation"
firewall_myservices="22/tcp"
firewall_allowservices="any"
firewall_logdeny="YES"
sshd_enable=”YES”
clamav_freshclam_enable="YES"
clear_tmp_enable="YES"
apache24_enable="NO"
mysql_enable="NO"
sendmail_enable="NO"
sendmail_submint_enable="NO"
sendmail_outbound_enable="NO"
sendmail_msp_queue_enable="NO"
This is by no means a complete list but it is a good starting point for securing your FreeBSD 13.1 system.