Quoting Mark Erbel O. Domingo ([EMAIL PROTECTED]): > i agree with Jijo on this one. debian boxens are fairly secure, there is > a securing debian howto, and there are debian packages that make > hardening the system easier: eg, tripwire, aide, portsentry, snort, > harden, etc...
Beware of the assumption that adding software makes a system more secure. Although probing your own security (snort, nmap) is always a good idea, a lot of this stuff is what appeals to gadget-freaks, as opposed to security people. (Unfortunately, discussing security tends to attract people who like playing with neat and/or brand-new software. That's nice, but has relatively little to do with assurances of security.) The Securing Debian HOWTO, in my view, suffers from quite a lot of gadget-freakery. Unfortunately, views differ strongly on what actually adds to system security, and what is absurd technophilia that detracts from auditability by adding useless complication. I state this with some hesitation, because doing so often attracts people who want to argue the point, and I honestly would prefer not to, having done so too many times in the past. portsentry strikes me as a classic in the gadget department, and a terrible idea, generally. Use snort! http://www.linux.ie/articles/portsentryandsnortcompared.php AIDE and tripwire (not to mention integrit) are completely useless for the situation described: They aim to allow you to _detect and correct_ breakins after the fact. They do nothing to prevent them. > although not entirely a good idea, maybe we should also look at the beta > kernels (2.5.66?). iirc, they provide some security and cryptography > options... Eh, so much for using well-tested, minimal code. ;-> -- Cheers, Evolution: Life's a niche, and then you die. Rick Moen [EMAIL PROTECTED] _ Philippine Linux Users Group. Web site and archives at http://plug.linux.org.ph To leave: send "unsubscribe" in the body to [EMAIL PROTECTED] Fully Searchable Archives With Friendly Web Interface at http://marc.free.net.ph To subscribe to the Linux Newbies' List: send "subscribe" in the body to [EMAIL PROTECTED]
