Thanks, someone else sent me a postscript document
with a very detailed description of the differing
security levels.
--- civileme <[EMAIL PROTECTED]> wrote:
> On Wednesday 10 January 2001 02:51, you wrote:
> > No answers? I sure was hoping for more than the
> brief
> > description of Mandrake's Server vs. Workstation
> vs.
> > Developer class installation. And what exactly is
> > paranoid security, or high, or welcome crackers
> for
> > that matter? Oh well, just guessing I guess I'll
> do a
> > Developement install with welcome crackers
> security
> > level then harden the box myself the old fashioned
> way
> > or with Bastille.
> >
>
> Hmmm, well, high security has a little program
> running around changing things
> you might make world-writable to some other
> setting--read the logs for
> details. The same changes to the system that
> generate warnings at medium
> security cause actions at high.
>
> You cannot run update easily also with High, and
> login as root isn't
> permitted; you have to login as a user and su to
> root
>
> With paranoid security, nothing is started by
> default. You have to initiate
> the services you want, and the security program will
> bother you a lot unless
> you put most services in chroot jails.
>
> Low Security has Passwords, and might be similar to
> most distros out of the
> box. This would be a good beginning for hardening
> the box yourself.
>
> Poor Security has none, but does identify users
>
> Welcome to Crackers might be difficult to harden.
> The one time I installed
> that, I did not notice the concept of users as part
> of the repertoire.
>
> Civileme
>
> > --- Charles Baker <[EMAIL PROTECTED]> wrote:
> > > Date: Tue, 9 Jan 2001 10:08:48 -0800 (PST)
> > > From: Charles Baker <[EMAIL PROTECTED]>
> > > Subject: Installation classes and security
> levels
> > > To: [EMAIL PROTECTED]
> > >
> > > Is there a breakdown of exactly what you get
> with
> > > the
> > > various Mandrake installation classes and
> security
> > > levels? I'm interested in setting up a server
> with
> > > Apache, PostgresQL, Tomcat, OpenSSH, a JDK and
> > > perhaps
> > > a minimal X install and/or VNC to tunnel through
> ssh
> > > so my less linux savvy partner can do some work
> > > remotely. Thanks for any tips and pointers.
> > >
> > > =====
> > > -
> > > [EMAIL PROTECTED]
> > > Hacking is a "Good Thing!"
> > > See
> > >
> http://www.tuxedo.org/~esr/faqs/hacker-howto.html
> > >
> > >
> __________________________________________________
> > > Do You Yahoo!?
> > > Yahoo! Photos - Share your holiday photos
> online!
> > > http://photos.yahoo.com/
> >
> > =====
> > -
> > [EMAIL PROTECTED]
> > Hacking is a "Good Thing!"
> > See
> http://www.tuxedo.org/~esr/faqs/hacker-howto.html
> >
> > __________________________________________________
> > Do You Yahoo!?
> > Yahoo! Photos - Share your holiday photos online!
> > http://photos.yahoo.com/
>
=====
-
[EMAIL PROTECTED]
Hacking is a "Good Thing!"
See http://www.tuxedo.org/~esr/faqs/hacker-howto.html
__________________________________________________
Do You Yahoo!?
Yahoo! Photos - Share your holiday photos online!
http://photos.yahoo.com/
