At 16:14 29.09.2003, you wrote:
On Mon, Sep 29, 2003 at 11:02:53AM
+0100, Dale Amon wrote:
There is another common case I'd not mentioned. Since I do a
lot
of development work, I tend to have a *lot* of servers
installed
on my laptop, ready to run, but only when I need them. I do
this
On Tue, Sep 30, 2003 at 08:51:45AM +0200, Detlef Johanning wrote:
My business is just like yours. Since I've always managed the
/etc/rc?.d directories by hand the [trivial] solutuin for me
is to remove the symlinks the install scripts create. You can
also use update-rc or whatever Debian
On Mon, Sep 29, 2003 at 12:06:43AM -0400, Phillip Hofmeister wrote:
I would consider implementing an iptables firewall (whether it be
shorewall or home brewed (if you know what you are doing)) to be a bare
minimum for best-practices.
Unfortunately (unlike RedHat and Mandrake) Debian offers
On Tue, Sep 30, 2003 at 04:30:44PM +0200, Javier Fernández-Sanguino Peña wrote:
Wrong. The kernel shipped in Debian does provide firewalling capabilities.
Also, the iptables package is part of the default installation (Priority:
standard)
No, right. There is no configuration provided, making
At 16:14 29.09.2003, you wrote:
On Mon, Sep 29, 2003 at 11:02:53AM
+0100, Dale Amon wrote:
There is another common case I'd not mentioned. Since I do a
lot
of development work, I tend to have a *lot* of servers
installed
on my laptop, ready to run, but only when I need them. I do
this
On Tue, Sep 30, 2003 at 08:51:45AM +0200, Detlef Johanning wrote:
My business is just like yours. Since I've always managed the
/etc/rc?.d directories by hand the [trivial] solutuin for me
is to remove the symlinks the install scripts create. You can
also use update-rc or whatever Debian
On Mon, Sep 29, 2003 at 12:06:43AM -0400, Phillip Hofmeister wrote:
I would consider implementing an iptables firewall (whether it be
shorewall or home brewed (if you know what you are doing)) to be a bare
minimum for best-practices.
Unfortunately (unlike RedHat and Mandrake) Debian offers
On Tue, Sep 30, 2003 at 04:30:44PM +0200, Javier Fernández-Sanguino Peña wrote:
Wrong. The kernel shipped in Debian does provide firewalling capabilities.
Also, the iptables package is part of the default installation (Priority:
standard)
No, right. There is no configuration provided, making
On Mon, Sep 29, 2003 at 12:06:43AM -0400, Phillip Hofmeister wrote:
On Fri, 26 Sep 2003 at 12:53:26PM -0400, Dale Amon wrote:
Precisely. One cannot just install the packages and services
one wants. One must step outside the package system to fix
the problem, and continue to do so
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On Fri, 26 Sep 2003 at 12:53:26PM -0400, Dale Amon wrote:
Precisely. One cannot just install the packages and services
one wants. One must step outside the package system to fix
the problem, and continue to do so thereafter in the future.
A
On Mon, Sep 29, 2003 at 12:06:43AM -0400, Phillip Hofmeister wrote:
On Fri, 26 Sep 2003 at 12:53:26PM -0400, Dale Amon wrote:
Precisely. One cannot just install the packages and services
one wants. One must step outside the package system to fix
the problem, and continue to do so
On Mon, Sep 29, 2003 at 11:02:53AM +0100, Dale Amon wrote:
There is another common case I'd not mentioned. Since I do a lot
of development work, I tend to have a *lot* of servers installed
on my laptop, ready to run, but only when I need them. I do this
entirely manually at present. I'd like
On Fri, Sep 26, 2003 at 04:29:45AM -0300, Peter Cordes wrote:
On Fri, Sep 26, 2003 at 12:51:35AM -0400, Matt Zimmerman wrote:
What is so difficult? No web server is installed by default. If you don't
want one, don't install one.
Dependencies.
Exactly. Please, please make freshly
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On Fri, 26 Sep 2003 at 12:53:26PM -0400, Dale Amon wrote:
Precisely. One cannot just install the packages and services
one wants. One must step outside the package system to fix
the problem, and continue to do so thereafter in the future.
A
On Fri, Sep 26, 2003 at 04:29:45AM -0300, Peter Cordes wrote:
On Fri, Sep 26, 2003 at 12:51:35AM -0400, Matt Zimmerman wrote:
What is so difficult? No web server is installed by default. If you don't
want one, don't install one.
Dependencies.
Exactly. Please, please make freshly
In article [EMAIL PROTECTED] you wrote:
We can see it the other way: why bother the user with the details
of running a service if the clued ones can easily stop or disable
the installed daemons until they are configured properly?
We scare because we care.
Greetings
Bernd
--
eckes privat -
Hi *,
Matt Zimmerman crivait :
Having a web server listen on a particular interface should not be
controlled by whether or not a particular package is installed.
It should be controlled by the configuration of the package.
What about giving this configuration a default value taken
In article [EMAIL PROTECTED] you wrote:
We can see it the other way: why bother the user with the details
of running a service if the clued ones can easily stop or disable
the installed daemons until they are configured properly?
We scare because we care.
Greetings
Bernd
--
eckes privat -
On Fri, Sep 26, 2003 at 12:51:35AM -0400, Matt Zimmerman wrote:
On Wed, Sep 24, 2003 at 09:54:05PM +0100, Dale Amon wrote:
It can be damnably difficult to dump the web server... I've ended
up downloading dhttpd and then removing links or changing the
init.d/dhttpd file name.
What is so
On Thu, Sep 25, 2003 at 07:33:00AM -0700, Adam Lydick wrote:
I like that idea, and it sounds fairly simple - packages just check
/etc/secure_level (or something similar) and do the right thing. The
tricky part is convincing every package maintainer to adopt it ;)
Well, Mandrake packages IIRC
On Thu, Sep 25, 2003 at 06:05:13PM -0400, Michael Stone wrote:
That's been the policy, but's it's stupid nowadays. It's too easy to
pull in an unexpected service when installing something with all the
tasks and dependency chains. There needs to be a mode where a user can
say, I don't want to
On Fri, Sep 26, 2003 at 04:29:45AM -0300, Peter Cordes wrote:
On Fri, Sep 26, 2003 at 12:51:35AM -0400, Matt Zimmerman wrote:
What is so difficult? No web server is installed by default. If you don't
want one, don't install one.
Dependencies. I've had the same annoying experience as
Quoting Matt Zimmerman ([EMAIL PROTECTED]):
On Wed, Sep 24, 2003 at 09:54:05PM +0100, Dale Amon wrote:
On Wed, Sep 24, 2003 at 03:59:28PM -0400, Noah L. Meyerhans wrote:
For starters, I think portmap, rpc.statd, and inetd should not run by
default. Not running a mail server (or perhaps
David Wright [EMAIL PROTECTED] writes:
Quoting Matt Zimmerman ([EMAIL PROTECTED]):
On Wed, Sep 24, 2003 at 09:54:05PM +0100, Dale Amon wrote:
On Wed, Sep 24, 2003 at 03:59:28PM -0400, Noah L. Meyerhans wrote:
For starters, I think portmap, rpc.statd, and inetd should not run by
default.
On Fri, Sep 26, 2003 at 02:52:27PM +0100, David Wright wrote:
Quoting Matt Zimmerman ([EMAIL PROTECTED]):
It can be damnably difficult to dump the web server... I've ended
up downloading dhttpd and then removing links or changing the
init.d/dhttpd file name.
What is so difficult?
On Fri, Sep 26, 2003 at 10:44:21AM -0400, Matt Zimmerman wrote:
On Fri, Sep 26, 2003 at 02:52:27PM +0100, David Wright wrote:
Where does one go from here?
If you only want the web server for reading documentation, reconfigure the
web server to only listen on localhost.
Precisely. One
On Fri, Sep 26, 2003 at 05:52:54PM +0100, Dale Amon wrote:
On Fri, Sep 26, 2003 at 10:44:21AM -0400, Matt Zimmerman wrote:
On Fri, Sep 26, 2003 at 02:52:27PM +0100, David Wright wrote:
Where does one go from here?
If you only want the web server for reading documentation, reconfigure
In article [EMAIL PROTECTED] you wrote:
Until installing a package has the side effect of installing a network
service. Having a default-deny-incoming firewall or some such would go a
long way toward preventing accidental vulnerability exposure.
On the other hand this pretty much sounds like
On Fri, Sep 26, 2003 at 02:06:01PM -0400, Matt Zimmerman wrote:
He wants the service, he just wants it only for local use. That is not
something that should be handled at the package level.
Why not? The boot-floppies already set the locale for the whole system.
I think it would be nice if
On Fri, Sep 26, 2003 at 09:37:22PM +0200, Marcin Owsiany wrote:
On Fri, Sep 26, 2003 at 02:06:01PM -0400, Matt Zimmerman wrote:
He wants the service, he just wants it only for local use. That is not
something that should be handled at the package level.
Why not? The boot-floppies already
On Thu, Sep 25, 2003 at 11:12:28AM +1200, Steve Wray wrote:
At high security levels, any new services that get installed (from RPMs)
are only allowed from localhost or even, IIRC, services may not even
be started by default, neither post-install nor on reboot: you have to
set them up
On Wed, Sep 24, 2003 at 09:54:05PM +0100, Dale Amon wrote:
On Wed, Sep 24, 2003 at 03:59:28PM -0400, Noah L. Meyerhans wrote:
For starters, I think portmap, rpc.statd, and inetd should not run by
default. Not running a mail server (or perhaps only running one on the
loopback interface)
On Thu, Sep 25, 2003 at 12:34:34PM +0200, Javier Fern?ndez-Sanguino Pe?a wrote:
The base installation is partially decided by the priority of the package
('required', 'important', 'standard', 'optional', 'extra'). The
archive maintainers have the final word (that is the 'ftp.debian.org'
On Fri, Sep 26, 2003 at 12:51:35AM -0400, Matt Zimmerman wrote:
On Wed, Sep 24, 2003 at 09:54:05PM +0100, Dale Amon wrote:
It can be damnably difficult to dump the web server... I've ended
up downloading dhttpd and then removing links or changing the
init.d/dhttpd file name.
What is so
On Thu, Sep 25, 2003 at 07:33:00AM -0700, Adam Lydick wrote:
I like that idea, and it sounds fairly simple - packages just check
/etc/secure_level (or something similar) and do the right thing. The
tricky part is convincing every package maintainer to adopt it ;)
Well, Mandrake packages IIRC
On Fri, Sep 26, 2003 at 04:29:45AM -0300, Peter Cordes wrote:
On Fri, Sep 26, 2003 at 12:51:35AM -0400, Matt Zimmerman wrote:
What is so difficult? No web server is installed by default. If you don't
want one, don't install one.
Dependencies. I've had the same annoying experience as
Quoting Matt Zimmerman ([EMAIL PROTECTED]):
On Wed, Sep 24, 2003 at 09:54:05PM +0100, Dale Amon wrote:
On Wed, Sep 24, 2003 at 03:59:28PM -0400, Noah L. Meyerhans wrote:
For starters, I think portmap, rpc.statd, and inetd should not run by
default. Not running a mail server (or perhaps
David Wright [EMAIL PROTECTED] writes:
Quoting Matt Zimmerman ([EMAIL PROTECTED]):
On Wed, Sep 24, 2003 at 09:54:05PM +0100, Dale Amon wrote:
On Wed, Sep 24, 2003 at 03:59:28PM -0400, Noah L. Meyerhans wrote:
For starters, I think portmap, rpc.statd, and inetd should not run by
default.
On Fri, Sep 26, 2003 at 02:52:27PM +0100, David Wright wrote:
Quoting Matt Zimmerman ([EMAIL PROTECTED]):
It can be damnably difficult to dump the web server... I've ended
up downloading dhttpd and then removing links or changing the
init.d/dhttpd file name.
What is so difficult?
On Fri, Sep 26, 2003 at 10:44:21AM -0400, Matt Zimmerman wrote:
On Fri, Sep 26, 2003 at 02:52:27PM +0100, David Wright wrote:
Where does one go from here?
If you only want the web server for reading documentation, reconfigure the
web server to only listen on localhost.
Precisely. One
On Fri, Sep 26, 2003 at 05:52:54PM +0100, Dale Amon wrote:
On Fri, Sep 26, 2003 at 10:44:21AM -0400, Matt Zimmerman wrote:
On Fri, Sep 26, 2003 at 02:52:27PM +0100, David Wright wrote:
Where does one go from here?
If you only want the web server for reading documentation, reconfigure
On Fri, Sep 26, 2003 at 02:06:01PM -0400, Matt Zimmerman wrote:
He wants the service, he just wants it only for local use. That is not
something that should be handled at the package level.
Why not? The boot-floppies already set the locale for the whole system.
I think it would be nice if
On Fri, Sep 26, 2003 at 09:37:22PM +0200, Marcin Owsiany wrote:
On Fri, Sep 26, 2003 at 02:06:01PM -0400, Matt Zimmerman wrote:
He wants the service, he just wants it only for local use. That is not
something that should be handled at the package level.
Why not? The boot-floppies already
On Thu, Sep 25, 2003 at 11:12:28AM +1200, Steve Wray wrote:
At high security levels, any new services that get installed (from RPMs)
are only allowed from localhost or even, IIRC, services may not even
be started by default, neither post-install nor on reboot: you have to
set them up
At 22.16 24/09/03 -0400, Noah L. Meyerhans wrote:
How 'bout this idea: We can create a user-definable policy as to whether
or not newly installed packages that provide init scripts actually have
these init scripts run during their postinst. So, we have a file in
/etc/defaults or something that is
On Thu, 2003-09-25 at 03:19, Stefano Salvi wrote:
At 22.16 24/09/03 -0400, Noah L. Meyerhans wrote:
How 'bout this idea: We can create a user-definable policy as to whether
or not newly installed packages that provide init scripts actually have
these init scripts run during their postinst.
On Wed, Sep 24, 2003 at 01:42:01PM -0700, Adam Lydick wrote:
Is there any effort to reduce the number of services running on a
default debian install? For example: a typical workstation user doesn't
really need to have inetd enabled, nor portmap (unless they are running
fam or nfs -- which
On Wed, Sep 24, 2003 at 03:59:28PM -0400, Noah L. Meyerhans wrote:
What about a package like the harden-* package, but one that conflicts
with packages that are pointless for a client/desktop system?
Unless such a package is part of the standard installation, it's really
of no use. The
On Thu, Sep 25, 2003 at 07:48:00AM -0700, Adam Lydick wrote:
I haven't done more then look at the screen shots for it, but the
personal firewall (eg: iptables frontend) that comes with RH9 looks to
be default deny for most incoming traffic while providing a nice (read:
graphical and
On Thu, Sep 25, 2003 at 08:19:43AM +0200, Stefano Salvi wrote:
I think thisi is not wise:
Only because you misunderstand my idea.
- Why I must have services installed that I cannot use (are not started by
default)?
I didn't say anything about not starting by default. I said that they
would
Javier Fernández-Sanguino Peña schrieb:
On Wed, Sep 24, 2003 at 03:59:28PM -0400, Noah L. Meyerhans wrote:
For starters, I think portmap, rpc.statd, and inetd should not run by
default. Not running a mail server (or perhaps only running one on the
loopback interface) would be nice, too.
A mail
On Thu, Sep 25, 2003 at 12:34:34PM +0200, Javier Fernández-Sanguino Peña wrote:
The compromise in Debian has always been that a service that gets installed
will be executed in a minimum configuration, if you don't want it, don't
install it or remove it.
That's been the policy, but's it's stupid
On Wed, Sep 24, 2003 at 09:54:05PM +0100, Dale Amon wrote:
On Wed, Sep 24, 2003 at 03:59:28PM -0400, Noah L. Meyerhans wrote:
For starters, I think portmap, rpc.statd, and inetd should not run by
default. Not running a mail server (or perhaps only running one on the
loopback interface)
On Thu, Sep 25, 2003 at 12:34:34PM +0200, Javier Fern?ndez-Sanguino Pe?a wrote:
The base installation is partially decided by the priority of the package
('required', 'important', 'standard', 'optional', 'extra'). The
archive maintainers have the final word (that is the 'ftp.debian.org'
Agreed. The X maintainers (as one example) started doing that a while
back. I run exim and a few other services like this (manually
configured, sadly).
On Wed, 2003-09-24 at 15:04, Florian Weimer wrote:
On Wed, Sep 24, 2003 at 01:42:01PM -0700, Adam Lydick wrote:
Is there any effort to
I like that idea, and it sounds fairly simple - packages just check
/etc/secure_level (or something similar) and do the right thing. The
tricky part is convincing every package maintainer to adopt it ;)
There are some hardening packages available, but I haven't had a
chance to play with them yet.
I haven't done more then look at the screen shots for it, but the
personal firewall (eg: iptables frontend) that comes with RH9 looks to
be default deny for most incoming traffic while providing a nice (read:
graphical and straightforward) way to punch essential holes through it
as needed. (and
At 22.16 24/09/03 -0400, Noah L. Meyerhans wrote:
How 'bout this idea: We can create a user-definable policy as to whether
or not newly installed packages that provide init scripts actually have
these init scripts run during their postinst. So, we have a file in
/etc/defaults or something that
On Thu, 2003-09-25 at 03:19, Stefano Salvi wrote:
At 22.16 24/09/03 -0400, Noah L. Meyerhans wrote:
How 'bout this idea: We can create a user-definable policy as to whether
or not newly installed packages that provide init scripts actually have
these init scripts run during their postinst.
On Wed, Sep 24, 2003 at 01:42:01PM -0700, Adam Lydick wrote:
Is there any effort to reduce the number of services running on a
default debian install? For example: a typical workstation user doesn't
really need to have inetd enabled, nor portmap (unless they are running
fam or nfs -- which
On Wed, Sep 24, 2003 at 03:59:28PM -0400, Noah L. Meyerhans wrote:
What about a package like the harden-* package, but one that conflicts
with packages that are pointless for a client/desktop system?
Unless such a package is part of the standard installation, it's really
of no use. The
On Thu, Sep 25, 2003 at 08:19:43AM +0200, Stefano Salvi wrote:
I think thisi is not wise:
Only because you misunderstand my idea.
- Why I must have services installed that I cannot use (are not started by
default)?
I didn't say anything about not starting by default. I said that they
would
Javier Fernández-Sanguino Peña schrieb:
On Wed, Sep 24, 2003 at 03:59:28PM -0400, Noah L. Meyerhans wrote:
For starters, I think portmap, rpc.statd, and inetd should not run by
default. Not running a mail server (or perhaps only running one on the
loopback interface) would be nice, too.
A
On Thu, Sep 25, 2003 at 12:34:34PM +0200, Javier Fernández-Sanguino Peña wrote:
The compromise in Debian has always been that a service that gets installed
will be executed in a minimum configuration, if you don't want it, don't
install it or remove it.
That's been the policy, but's it's
Is there any effort to reduce the number of services running on a
default debian install? For example: a typical workstation user doesn't
really need to have inetd enabled, nor portmap (unless they are running
fam or nfs -- which isn't enabled by default)
Is this something that needs to be taken
Hi,
On Wed, Sep 24, 2003 at 01:42:01PM -0700, Adam Lydick wrote:
Is there any effort to reduce the number of services running on a
default debian install? For example: a typical workstation user doesn't
really need to have inetd enabled, nor portmap (unless they are running
fam or nfs --
On Wed, Sep 24, 2003 at 01:59:16PM -0500, Ryan Underwood wrote:
Is there any effort to reduce the number of services running on a
default debian install? For example: a typical workstation user doesn't
really need to have inetd enabled, nor portmap (unless they are running
fam or nfs --
On Wed, Sep 24, 2003 at 03:59:28PM -0400, Noah L. Meyerhans wrote:
For starters, I think portmap, rpc.statd, and inetd should not run by
default. Not running a mail server (or perhaps only running one on the
loopback interface) would be nice, too.
It can be damnably difficult to dump the web
On Wed, Sep 24, 2003 at 01:42:01PM -0700, Adam Lydick wrote:
Is there any effort to reduce the number of services running on a
default debian install? For example: a typical workstation user doesn't
really need to have inetd enabled, nor portmap (unless they are running
fam or nfs -- which
For what its worth, and without wanting a distro-religious war about it,
Mandrake has a variety of security levels, which can be locally configured,
and which can allow exactly this sort of behavior;
At high security levels, any new services that get installed (from RPMs)
are only allowed from
On Thu, Sep 25, 2003 at 11:12:28AM +1200, Steve Wray wrote:
For what its worth, and without wanting a distro-religious war about it,
Mandrake has a variety of security levels, which can be locally configured,
and which can allow exactly this sort of behavior;
Honestly, I think we can get away
On Wed, Sep 24, 2003 at 08:16:41PM -0400, Noah L. Meyerhans wrote:
Basically, I think that security levels don't gain you anything over
don't install the package.
Until installing a package has the side effect of installing a network
service. Having a default-deny-incoming firewall or some such
On Thu, 25 Sep 2003 12:16, Noah L. Meyerhans wrote:
On Thu, Sep 25, 2003 at 11:12:28AM +1200, Steve Wray wrote:
For what its worth, and without wanting a distro-religious war about it,
Mandrake has a variety of security levels, which can be locally
configured, and which can allow exactly
On Wed, Sep 24, 2003 at 09:01:26PM -0400, Michael Stone wrote:
Until installing a package has the side effect of installing a network
service. Having a default-deny-incoming firewall or some such would go a
long way toward preventing accidental vulnerability exposure.
Well, remember that the
On Wed, Sep 24, 2003 at 09:39:32PM -0400, Noah L. Meyerhans wrote:
Well, remember that the scope of this discussion is the default Debian
installation.
Except, what is default? If you install a workstation task should you
assume that you'll get open ports? (As the task packages pull in
Agreed. The X maintainers (as one example) started doing that a while
back. I run exim and a few other services like this (manually
configured, sadly).
On Wed, 2003-09-24 at 15:04, Florian Weimer wrote:
On Wed, Sep 24, 2003 at 01:42:01PM -0700, Adam Lydick wrote:
Is there any effort to
Is there any effort to reduce the number of services running on a
default debian install? For example: a typical workstation user doesn't
really need to have inetd enabled, nor portmap (unless they are running
fam or nfs -- which isn't enabled by default)
Is this something that needs to be taken
Hi,
On Wed, Sep 24, 2003 at 01:42:01PM -0700, Adam Lydick wrote:
Is there any effort to reduce the number of services running on a
default debian install? For example: a typical workstation user doesn't
really need to have inetd enabled, nor portmap (unless they are running
fam or nfs --
On Wed, Sep 24, 2003 at 01:59:16PM -0500, Ryan Underwood wrote:
Is there any effort to reduce the number of services running on a
default debian install? For example: a typical workstation user doesn't
really need to have inetd enabled, nor portmap (unless they are running
fam or nfs --
On Wed, Sep 24, 2003 at 03:59:28PM -0400, Noah L. Meyerhans wrote:
For starters, I think portmap, rpc.statd, and inetd should not run by
default. Not running a mail server (or perhaps only running one on the
loopback interface) would be nice, too.
It can be damnably difficult to dump the web
On Wed, Sep 24, 2003 at 01:42:01PM -0700, Adam Lydick wrote:
Is there any effort to reduce the number of services running on a
default debian install? For example: a typical workstation user doesn't
really need to have inetd enabled, nor portmap (unless they are running
fam or nfs -- which
For what its worth, and without wanting a distro-religious war about it,
Mandrake has a variety of security levels, which can be locally configured,
and which can allow exactly this sort of behavior;
At high security levels, any new services that get installed (from RPMs)
are only allowed from
On Thu, Sep 25, 2003 at 11:12:28AM +1200, Steve Wray wrote:
For what its worth, and without wanting a distro-religious war about it,
Mandrake has a variety of security levels, which can be locally configured,
and which can allow exactly this sort of behavior;
Honestly, I think we can get away
On Wed, Sep 24, 2003 at 09:01:26PM -0400, Michael Stone wrote:
Until installing a package has the side effect of installing a network
service. Having a default-deny-incoming firewall or some such would go a
long way toward preventing accidental vulnerability exposure.
Well, remember that the
On Wed, Sep 24, 2003 at 09:39:32PM -0400, Noah L. Meyerhans wrote:
Well, remember that the scope of this discussion is the default Debian
installation.
Except, what is default? If you install a workstation task should you
assume that you'll get open ports? (As the task packages pull in
On Wed, Sep 24, 2003 at 09:52:07PM -0400, Michael Stone wrote:
Except, what is default? If you install a workstation task should you
assume that you'll get open ports? (As the task packages pull in
dependencies, etc.) I think it makes more sense to provide a safety net
then to try to predict
@lists.debian.org
Subject: services installed and running out of the box
Is there any effort to reduce the number of services running on a
default debian install? For example: a typical workstation user doesn't
really need to have inetd enabled, nor portmap (unless they are running
fam or nfs -- which
87 matches
Mail list logo