[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[yh] Distros & Firewalls (fwd)
I saw this on another list I'm on, and thought I should forward it on.
As most of you probably know I feel that the security should be as easy as
possible to set up. I'm not sure how secure Indy is out of the box, but
have suggested that some of the yashy-hack list members join Indy and help
with us with security.
Also, check out Brian "Jericho" Martin's recent article:
---------- Forwarded message ----------
It seems that several of the more popular current linux distributions
ship with with services already running, and not firewalled. Isn't this
There are exploits released daily for old distributions (or even new
ones). For someone that is, say, trying out linux for the first time, this
can be very bad, as they can find their computer rooted (or cracked)
before they even know what a firewall is.
Should the distributions perhaps have the install package make everything
firewalled by default, unless in "expert mode" or some mode where an
experienced user can choose what services they want running?
I find it really strange that they haven't gone ahead and done this,
especially considering all the sites getting cracked daily.
Perhaps it would be a better idea to have _no_ services run by default,
forcing users to RTFM regarding the security of any services they are
interested in installing. At that point, they could then learn how to
firewall a given service. There are several "Intro to Firewall" texts
available, which should give users a basic understanding of a packet
Microsoft Corp., concerned by the growing popularity of the free 32-bit
operating system for Intel systems, Linux, has employed a number of top
programmers from the underground world of virus development. Bill Gates
stated yesterday: "World domination, fast -- it's either us or Linus".
Mr. Torvalds was unavailable for comment ...
(email@example.com (Robert Manners), in comp.os.linux.setup)
to unsubscribe: echo unsubscribe | mail firstname.lastname@example.org