[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: OS Hardening

"S.Salman Ahmed" escribió:
> [No need to CC: me guys, I read each and every list mail I
> receive. Thanks.]
> >>>>> "BMA" == Bradley M Alexander <storm@tux.org> writes:
>     BMA>  The problem with this is that, generally speaking, there are
>     BMA> as many configurations as there are sysadmins or users out
>     BMA> there. You would run the risk of bogging down in the mire of
>     BMA> details and asking questions that the user really has no clue
>     BMA> about. In this case, as a security person, the idea of
>     BMA> "profiles" in lieu of actual knowledge or familiarity is a
>     BMA> dangerous thing.
> [snip]
>     BMA>
>     BMA> Personally I turn them off and rely on secure shell on my
>     BMA> network at home.
>     BMA>
> I use SSH on my home network as well.
> You make some good points in your email Bradley. I think that if I were
> to every to install a Linux distro using some kind of install profiles,
> I would still want to know why things were installed a certain way.
> After reading Andres' email about how Mandrake handles and implements
> security profiles, and your email, I am convinced that they aren't the
> best solution to securing a system. Afterall, any Linux installation is
> only as secure as the user/administrator who performed the install and
> tends to the post-install and administration tasks.
> After doing a Debian install, I have my own checklist of things I do to
> *try* and secure the installation.

	*Please* post it. It could be really useful for documents like the
Securing-Debian-HOWTO, I have my own checklist and will update the HOWTO with it

	So, for all of you.. new thread? : checklist of things to do for a secure

n:Fernández-Sanguino Peña;Javier
tel;fax:+34-91 806 46 41
tel;work:+34-91 806 46 40
org:SGI-GMV sistemas;Seguridad Lógica
adr:;;Sector Foresta 1;Tres Cantos;Madrid;E-28760;Spain
fn:Javier Fernández-Sanguino Peña

Reply to: