On Fri, 2002-04-26 at 15:10, Lester Cheung wrote: > Just want to know how secure/insecure is a minimal debian install. coz > the more I read, the more paranoid I am. I have read the debian security > howto serveral times. Are the suggestions in there enough for a normal > home machine/regular office gateway? > > Even that I have serveral computer connected to the internet. Is there > anything I can do to minimise the chance of being owned?
Everything can be attacked. I have a Debian Potato gateway, it has never been sucessfully attacked. I have the security update running every 24 hours to ensure it stays secure. Install the absolute minimum, Debian has a sensible lock down approach. I had a redhat 6.2 system on the Net and someone got to it. REdhat has a better approach now to security much to the confusion of the RedHat users when thing stop working after upgrades, they are used to the holes. If you want ultimate security you might want to look at a CD only system, read only and cannot be clobbered. KenF -- SLUG - Sydney Linux User's Group - http://slug.org.au/ More Info: http://lists.slug.org.au/listinfo/slug
