On Tue, 8 Jan 2002, Glenn McCorkle wrote: > > One glaring shortcoming is the section on security. > > True, if you follow their suggestion to disable all > > services, you're pretty secure... but if you do that, > > you're throwing away a good deal of what makes Linux > > such a great OS. > > OK... > I have heard this statement from others as-well. > > Could you possibly name some of the services you are reffering to?
As you get into Linux more, you'll discover the desire to run servers... possibly a web server, or maybe an ftp server, or how about a simple news server. Maybe allow friends to log onto your machine using ssh, or hie back to bygone days by running a gopher server. ;-) > And then explain what it is that the "average user" would be > thowing away by not using those sevices ? The most common server with a known exploit is lpd: http://www.cert.org/advisories/CA-2001-30.html IOW, if you have a printer, you'll be running a print server. If you don't know how to put it behind a firewall, or even that you may need to, you're exposing yourself to the very real probability that someone will gain control of your machine. Another packet filtering issue: It's possible for crackers to craft packets which appear to come from your own machine. This is known as IP spoofing. If you don't know how to prevent this, or that you need to, it's possible for the cracker to execute code on your machine through buffer overflows in susceptible programs. No matter what Linux distribution you have (hmmm... possibly with the exception of the one put out by the NSA), there are security exploits being discovered constantly. Thus, there is a need to stay abreast of security updates, and apply them as appropriate. Let's take Red Hat 7.2. It's only been out a few months, yet already there have been 17 updates issued: https://www.redhat.com/support/errata/rh72-errata-security.html Security isn't something you can just apply and forget about like locking your doors when you leave the house. After all, your house doesn't have people coming at all hours of the day and night trying your door knobs, jiggling your windows, or trying to see if there's some way they can lob a smoke bomb in through your bathroom exhaust vent. - Steve
