Re: secure install
On Thu, 15 Feb 2001 15:34:07 +0100
Raphael Bauduin <rb@tiscali.be> wrote:
> Hi, I'm looking for a way to install a debian potato as securely
> as possible. I would follow this procedure in the future to
> install a lot of servers. The problem I have is that a lot of
> unwanted packages get installed by default (telnetd, exim, at, bc,
> fingerd, gpm, lpr, mtools, mutt, nfs-server, talkd, ....), and
> having to deinstall them manually each time is not very secure as
> one could forget a package anytime. It is also time consuming.
> Is there a way to prevent the installation of those packages? Why
> are these installed? Where is it configured?
Sure, the simplest, and in my mind, smartest approach is to just not
do multiple installs. Install oneto one disk, configure it as you
wish, and then use `dd` to duplicate that disk as many times as
needed. Here I keep a stock of comparitive Woddy installs on
various media types (IDE/SCSI/installation types) for just that
purpose.
Got a new desktop? Got a new web server? Got a new test box?
What sort of drive? Grab a matching disk off the shelf and one
`dd` later its all done.
--
J C Lawrence claw@kanga.nu
---------(*) http://www.kanga.nu/~claw/
--=| A man is as sane as he is dangerous to his environment |=--
Reply to: