On Wednesday 15 August 2007 21:19, Henri Salo wrote:
> On Wed, 15 Aug 2007 14:23:06 -0500
>
> Pat <paparsoss@gmail.com> wrote:
> > There are a few security issues I have noticed about debian's
> > installation.
> > 1) No firewall setup during the install process, as it would be a
> > simple matter to run lokkit at the end of the install I fail to see
> > why this is not
> > done.
> > 2) Rpfilter and tcp syncookies are not enabled by default. Again
> > this is a simple correction, and indeed has been mentioned in several
> > open source linux guides for years.
> > 3) Do we really need portmap, inetd, or nfs running by default on our
> > workstations?
>
> There shouldn't be any ports open to internal network after
> installation.
> Where do you need firewall after installation when you
> can make one i.e. with iptables?
Yes, but not everyone is able to make one...
There is a lot of people who are using Debian only as a workstation to create for example some OO documents, and they really dont need to know what iptables is or some other packages involved in security issues...
>
> - Henri 'fgeek' Salo
Regards Pawel
--
Proud Debian GNU/Linux User: Pawel"at"Wartan"dot"org
kadu:3735326 Registered Linux User : 406139 |PLUG :1966491030
Home Page:
http://www.wartan.org
--
To UNSUBSCRIBE, email to debian-security-REQUEST@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
Received on Wed Aug 15 18:20:06 2007
This archive was generated by hypermail 2.1.8
: Sun Oct 07 2007 - 07:52:43 EDT
|
