[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Security matters



> 
> I keep hearing about "script kiddies" and more and more Linux cracking
> going on.  Would it be a good idea to close up some of the worst
> vulnerabilites?  For us beginners, it's hard to figure out how to turn off
> all those unneeded services.  Here in the US, it's common to stay online
> for hours at a time, and I'm getting concerned about it.
> 
> I know Bastille Linux is also based on Red Hat, and there are various
> scripts floating around ....  I think after ease-of-use, security could be
> a secondary objective.  [Yes, I know that security is antithical to
> ease-of-use.]
> 
> If I'm asking too much, I'll quietly go back to my corner. :-)
> 

No you are not asking too much: we have given thought to this,
implementing it for this version could be another matter: mainpower is
scarce (hint, hint :-).

I remember to have to spend about a day after installing a Linux
distribution performing auxiliary tasks like configuring printing,
disabling services, recompiling the kernel and so on.  Some users
could not ahve the skill, others could like to spend this time in real
work.

Indy's philosophy is to provide you a distribution as ready to use as
possible: for instance autofs is not even installed by default in
RedHat while in next Indy it will be and in addition its config files
are already built for automounting of CDROMs and thsi with the right
security features.  I consider that having to manually mount devices
was right when Unix was used like a small mainframe, it is not for a
Linux workstation were many users change CDROm 4 or 5 five times a
day.

That philosophy of providing something ready to use means that
providing an inet.conf with unneeded services disabled is a goal of
Indy

-- 
			Jean Francois Martinez

Project Independence: Linux for the Masses
http://www.independence.seul.org