On Sat, 2006-12-16 at 19:37 -0800, Arden wrote: > I am wondering what I really need to install for security on my new > LFS system. > I am the only user, > connected behind a router to the internet, > will be used for graphics, email, web, > and connect to my local network. > > Is PAM necessary? Tripwire? Kerberos? I would like to hear your > recommendations or comments.
I think installing PAM is a good idea - not because it provides additional security, but because the framework it provides is gradually becoming a requirement of other projects. For example, the HAL developers have introduced a desktop security framework called PolicyKit which depends on PAM - the next version of HAL won't require this, but future versions will. So installing PAM is probably a good idea. For the others, I'd not bother. My machine runs an iptables firewall and is behind a firewalled router, so I regard intrusion detection like Tripwire to be unnecessary. And Kerberos is unlikely to be needed on a home machine - it's total overkill for securing your own machine, and probably not needed for accessing others either. Simon.
signature.asc
Description: This is a digitally signed message part
-- http://linuxfromscratch.org/mailman/listinfo/blfs-support FAQ: http://www.linuxfromscratch.org/blfs/faq.html Unsubscribe: See the above information page
