Re: SSH with potato, not very secure?
> > I believe it becomes uncommented if one installs over the network? (That
> > would make sense to ME anyway.)
> I installed solely over ftp/http from central debian-servers and this is
> what the aforementioned line looks like with me:
> #deb http://security.debian.org stable/updates main contrib non-free
> So, what makes sense is not necessarily so in real life...
Well, it would be nice if it would. Another wish list idea:
By default block all incoming network connections with ipchains or
netfilter immediately after configuring a network device. Of course,
let the installer know this has happened, and that it's for their own good,
and that they should read about packet filtering and security in general.
But then give the option to completely remove the filter, or edit
the configuration file by hand.