On Wednesday 15 August 2007 21:19, Henri Salo wrote: > On Wed, 15 Aug 2007 14:23:06 -0500 > > Pat <paparsoss@gmail.com> wrote: > > There are a few security issues I have noticed about debian's > > installation. > > 1) No firewall setup during the install process, as it would be a > > simple matter to run lokkit at the end of the install I fail to see > > why this is not > > done. > > 2) Rpfilter and tcp syncookies are not enabled by default. Again > > this is a simple correction, and indeed has been mentioned in several > > open source linux guides for years. > > 3) Do we really need portmap, inetd, or nfs running by default on our > > workstations? > > There shouldn't be any ports open to internal network after > installation. > Where do you need firewall after installation when you > can make one i.e. with iptables? Yes, but not everyone is able to make one... There is a lot of people who are using Debian only as a workstation to create for example some OO documents, and they really dont need to know what iptables is or some other packages involved in security issues... > > - Henri 'fgeek' Salo Regards Pawel -- Proud Debian GNU/Linux User: Pawel"at"Wartan"dot"org kadu:3735326 Registered Linux User : 406139 |PLUG :1966491030 Home Page: http://www.wartan.org |