Securing a Debian machine
People are making many valid points with respect to mbr, security
of a Debian based machine and ease of maintenance. I think everyone
agrees that this is (yet another) way to 'break' into a Debian
machine (even if you don't, discuss it elsewhere so you don't hijack
this thread).
I propose we do the following:
- leave mbr as it currently stands. Most users are worried about
net or user based attacks, not about physical attacks.
- Create a security document outlining the changes needed to make
a Debian machine secure from different types of attacks. One
section would outline the steps needed to protect a machine
from people with physical access to the machine (*). This
document should be Debian specific.
>From the emotional level of the mbr discussion, I am sure there are
some people out there who would be willing to work on such a document.
If someone comes up with a good outline, send it to me. I can give
them access to the website so it can go online.
The implementation of a 'Securing Debian' document could also go
a long way toward showing people how secure a Debian based system
can be. I get sick of hearing people state that *BSD is more secure.
--
James (Jay) Treacy
treacy@debian.org
Reply to: