In this article I discuss generalized ways to increase system and network trust. While my examples are somewhat FreeBSD-centric, they can be abstracted to almost any platform. There is a popular misconception floating around the corporate sector. Many individuals tout, UNIX is not as secure as other operating systems. They often specifically target free variants. The fact is, UNIX has one of the most-tested network stacks of any OS, and that's not just commercial UNIX - the same goes for the free versions like FreeBSD.
Any out-of-box OS must be considered relatively insecure (low trust). The only way to reliably maximize the trust of a system or network is to develop a strict security policy, and religiously follow the rules in your policy when configuring any node. Read O'Reilly & Associates' Practical UNIX & Internet Security for some good guidelines to follow when developing your own policy. The Site Security Handbook (RFC 2196) is also a suggested read.
The link for this article located at daemonnews is no longer available.
