[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: SOP for debian isp/corporate server...

1)   There is a manual on securing Debian at:

2) There really is no SOP on "bloat" because one man's bloat is another's needed

   You, however, can create your own. Basically do an install and add/strip
whatever packages you want. Once you have your "perfect" set of packages do a:

dpkg --get-selections '*' > {some-file-name}

  You will now have a list of the status of all Debian packages (i.e. installed,
purged, etc.) on your system.

  Next time you do an install do a:

dpkg --set-selections < {some-file-name}

then run apt-get dselect-upgrade

This will add and remove packages as needed to bring the packages on your new
system exactly like the base system.

ELB Internet Service, Inc.
Web Design, Computer Consulting, Internet Ho

Quoting prasad <pgadgil@hathway.com>:

> hi,
> As many of you must have experienced, there are usual SOPs for setting
> up
> non-bloated, secure bare-bones Servers with respective OSs eg for
> solaris.
> Is there SOP for debian, if not, I guess this list is better poised to
> produce one. Any links, pointers... I have googled, but didn't find any
> old
> message,
> What applies for isp-servers also applies for corporate servers which
> are
> 24/7 connected to net for things like mail etc, which need to take
> similar
> precautions. One of the reasons I have found, one company took a policy
> decision to not deploy to linux servers some time back, is becuse these
> rapidly moving distros like RH with insecure preinstalled bloat, was
> causing
> major maintainance & security hasle. Now that RH is out of picture, and
> debian just the kind of thing made for such a configuration, SOP will
> help.
> regards,
> prasad
> -- 
> To UNSUBSCRIBE, email to debian-isp-request@lists.debian.org
> with a subject of "unsubscribe". Trouble? Contact
> listmaster@lists.debian.org


Reply to: