[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: assimilating OpenBSD



On Tue, Feb 06, 2001 at 03:59:28PM -0800, Erik Hollensbe wrote:

> 	I've made this point before, but debian comes installed with 3 very 
> unneeded services installed by default:
> 
> 	1) portmap

"Portmap is not insecure"  -- said here many times before. 

iirc portmap is started by default on OpenBSD systems. 

personally i think portmap should be off by default but thats just my
opinion which most people seem to disagree with.  fair enough. 

> 	2) mountd

mountd/nfsd are not started unless there is an export in
/etc/exports.  see the initscript, it exits if it can't find anything
in /etc/exports.  installed by default yes (priority standard) started
by default no. 

rpc.statd/lockd are indeed started though regardless of the status of
nfs exports/mounts.  

> 	Plus, there are TONS of GNU software tools, even more if you include 
> GPL'd tools in debian. OpenBSD wins it's claims by keeping the distribution 
> light from default install... which is why it's best geared towards a 
> firewall.

debian can be as thin or as bloated as you see fit.  dselect by
default selects all priority standard packages which should get a
fairly standard Free text mode unix system.  priority standard is a
bit more then you get in a default OpenBSD install, but not by that
much iirc.  if you want a really small system eschew priority
standard.  then you are definitly as light or lighter then openbsd.  

-- 
Ethan Benson
http://www.alaska.net/~erbenson/

Attachment: pgpANotOfiRhN.pgp
Description: PGP signature


Reply to: