Sorry, Forgot to reply-to-all, to stressed for exam. See my reply forwarded below.
Chris ---------- Forwarded message ---------- From: Chris Henry <[EMAIL PROTECTED]> Date: Sat, May 3, 2008 at 1:50 PM Subject: Re: [Slugnet] Is it safe installing Ubuntu/Debian while connected to the Internet. To: Kelvin Quee <[EMAIL PROTECTED]> On Sat, May 3, 2008 at 1:32 PM, Kelvin Quee <[EMAIL PROTECTED]> wrote: > Hi Carlton, > > You puzzle me. > > > [EMAIL PROTECTED] wrote: > > > I love this part of the install. Hand-over. "Here you can do this again > > yourself. You'll need CD's 1-6, 8, 11 and 12." > > > A Ubuntu install CD comes in just 1 CD. A Debian install also only needs the first CD. > > > > > Someone said, not a direct quote, that doing an Internet install wasn't > > safe. I wanted to make sure that it is indeed safe. > > > But it really depends on the nature of the repository that you are getting > from. If you are installing from Debian Stable repositories (or your Ubuntu > equivalent (perhaps sticking to 6.06)), there should be no problems. > > Perhaps the biggest threat will come from an unstable Internet connection, > I guess. > > What are you actually asking? He might have been quoting me (see his previous post about Debian/Ubuntu mirror): [quote] network install (I suppose you're doing that) is considered a bad practice in sysadmin worlds unless you control the network pathway to the mirror (i.e. within the same organization)--there is many reasons for this, primarily security. Most people will use install CD and these CDs usually work. [/quote] When you do network install, make sure you're behind a good, secured firewall. If you are it's not a problem. If you are not, then your installation may be insecure. When you installed a Linux distribution, some services will go up even when they are not fully configured yet, these may open security holes. The advice is that you should set up everything correctly first before even connecting to Internet [1]. Of course, as I said, not everyone needs to conform to this rule. This is for paranoid sysadmins. (Or somebody who likes to play around with secure installation, it's actually pretty fun to install Debian system following the Securing Debian Howto; learned a lot of things doing that.) Furthermore, also make sure you used either your own mirror (so that you can certify that the contents are legit) or one of the public mirrors that are part of the debian-keyring (most of the primary mirrors and secondary mirrors). Regards, Chris [1] http://www.debian.org/doc/manuals/securing-debian-howto/ch3.en.html#s3.3 -- contact: +65 97553292 e-mail: [EMAIL PROTECTED] / [EMAIL PROTECTED] / [EMAIL PROTECTED] facebook: http://nus.facebook.com/profile.php?id=502687583 _______________________________________________ Slugnet mailing list [email protected] http://wiki.lugs.org.sg/LugsMailingListFaq http://www.lugs.org.sg/mailman/listinfo/slugnet
