Chmouel Boudjnah <[EMAIL PROTECTED]> writes:
> Prana <[EMAIL PROTECTED]> writes:
>
> > I will be really glad if most of the unnecessary services are turned off
> > for default install, including but not limited to, inetd daemon. It
> > minimizes or prevents the chance any attacks such as Denial of service
> > and buffer overflow. Let's take a look at the last big security problem:
> > rpc.statd and wu-ftpd, 2 stuff that was turned on by default install.
> > Redhat finally decides to turn off services by default in 7.0 and let
> > the user selects it. I think this has some advantages:
> > - It speeds up the boot process
> > - Reduce some memory consumption
> > - Prevents unexpected crack
>
> and what about for the new users when he doing a {gk}ftp host where he
> expect to work like for all others unixes/linux-distro.
New user know he had to buy an ftp server and to install it
when he was under windows.
Now he know he just need to get one and install it.
That's better : it's free, and that's the way he usually did thing.
> > Other reasons why I am requesting this to be turned off is that I find a
> > lot of newcomers from Windows don't even know what a daemon is, and even
> > when DrakConf has made it super easy, some of them don't really get it.
> > I find a lot of people don't even update the packages that have security
> > problem because they don't even want to read the book too much (this is
> > what most average users are).
>
> Doen't know what a daemon but know they can connect on his machines..
No.
You can't do ftp connect on a freshly installed windows machine.
--
-- Yoann http://www.mandrakesoft.com/~yoann/
One luser tried to change his password on Mandrake. Not having any imagination
at all, he entered "penis" for a password... He got the following answer:
BAD PASSWORD: it is too short
