Hosting Provided By

Re: secure installation

From: Henri Salo <fgeek(at)fgeek.fi>
Date: Wed Aug 15 2007 - 16:19:19 EDT

On Wed, 15 Aug 2007 14:23:06 -0500
Pat <paparsoss@gmail.com> wrote:

> There are a few security issues I have noticed about debian's
> installation.
> 1) No firewall setup during the install process, as it would be a
> simple matter to run lokkit at the end of the install I fail to see
> why this is not
> done.
> 2) Rpfilter and tcp syncookies are not enabled by default. Again
> this is a simple correction, and indeed has been mentioned in several
> open source linux guides for years.
> 3) Do we really need portmap, inetd, or nfs running by default on our
> workstations?

There shouldn't be any ports open to internal network after installation. Where do you need firewall after installation when you can make one i.e. with iptables?

Henri 'fgeek' Salo

-- 
To UNSUBSCRIBE, email to debian-security-REQUEST@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org

Received on Wed Aug 15 17:19:25 2007

This message: [ Message body ]
Next message: Ian McDonald: "Re: secure installation"
Previous message: Pat: "secure installation"
In reply to: Pat: "secure installation"
Next in thread: Pawe³ Krzywicki: "Re: secure installation"
Reply: Pawe³ Krzywicki: "Re: secure installation"

Contemporary messages sorted: [ By Date ] [ By Thread ] [ By Subject ] [ By Author ] [ By messages with attachments ]

This archive was generated by hypermail 2.1.8 : Sun Oct 07 2007 - 07:52:43 EDT