Rich Shepard wrote:
> On Thu, 25 Sep 2014, Larry Brigman wrote:
>
>> Nobody from the outside can get on this install as it doesn't have any
>> networking listening servers running, not even sshd.
>
> For what it's worth, sshd can be set non-executable on any distribution as
> far as I know. It's a function of that daemon running or not, not the
> distribution.
What are keywords I should search for?
I have read Debian security info suggesting that all unnecessary
daemons/etc be deleted.
I have at least three distinct use cases:
0. for all cases - no known need for any "server" re internet
(poorly phrased)
1. my personal system - sub-cases
a. Maintenance mode - cf Runlevel=1
b. Internet - no unsolicited incoming connection
as yet unspecified supervision of out going connections
(cf COMODO on Windows)
c. Computer used to compute - *NO* networking _whatsoever_
(ME, strange? ;/ )
2. system for a friend 1000 miles away
a. he has BSEE but no interest in computers except as a tool
b. his wife with a MS Education (minor in piano/organ IIRC)
probable use - browser, email, home office apps
3. Church has received some computers to be used for
instructional purposes. We
have an outreach to an inner city school across the street
and another
outreach to adults with various needs. There is no
networking infrastructure.
It would be wise to actively prevent internet access if
someone brought in
a USB dongle etc. As I will likely be the one doing upkeep
I would prefer
disabling "su" and "sudo" *COMPLETELY". Required
maintenance would be running
from a "modified rescue cd".
Am I just clueles
_______________________________________________
PLUG mailing list
[email protected]
http://lists.pdxlinux.org/mailman/listinfo/plug
