On Thu, 2004-05-27 at 15:40 +0800, Eric Noel wrote: > So does this mean that if i put a debian box (just plaint bf24, console > only, no additional package) in the Internet, it cannot defend itself > against an attack? im just worried, coz i used before a bf24 debian, > console only, remove any uneeded inetd services (e.g. discard, auth, > time, etc), and installed shorewall for its fw module (open/forward port > 80 only) that it cant defend itself from an attack or takeover.
You miss the point. Neither would a plain Cisco box, or an OpenBSD setup, or any secure distribution would survive in the wild and work at once to your environment without any reconfiguration. Whatever choice you may want to go - you'd have to invest time to configure it for security, and maintain that state of security. The things you did are just the part of the first steps after planning (reduce the number of unnecessary services). Having it constant updated for security updates is another thing to do. Further configuring it would also be desirable if you've got very special security requirements. -- Paolo Alexis Falcone [EMAIL PROTECTED]
signature.asc
Description: This is a digitally signed message part
-- Philippine Linux Users' Group (PLUG) Mailing List [EMAIL PROTECTED] (#PLUG @ irc.free.net.ph) Official Website: http://plug.linux.org.ph Searchable Archives: http://marc.free.net.ph . To leave, go to http://lists.q-linux.com/mailman/listinfo/plug . Are you a Linux newbie? To join the newbie list, go to http://lists.q-linux.com/mailman/listinfo/ph-linux-newbie
