Re: rlinetd security
"Pat Moffitt" <pmoffitt@wrv.com> writes:
[snip]
> Now that answers some questions. Much better. At least when I turn them
> off I will have a clue about what might break.
>
> BTW, my philosophy on disabling unknown services/ports has been to
> disable it and see if anything breaks. If something breaks, then figure
> out what to do about it.
Well, it depends. You can never tidy up a rooted box; the same mentality
sort of applies all the way down - if you're setting up a box, why worry
about installing this and uninstalling that, when your original
installation shouldn't have had anything enabled in the first place? (And
yes, you can push that back into the distro, too.)
> But, this can be a tough philosophy on production machines. (No, I don't
> have machines that I can test with here. Nor do I have the time to set
> them up.)
Surely software you install on production machines has its requirements
either satisfied by the wonder that is apt-get, or documented properly? You
can, and should, start from blank and add things as you need.
> The concept of 'if you don't know why your running them you don't need
> them.' may be good advice but doesn't help those of use that are trying
> to understand Security.
It's a useful approach to take while you ask questions about it :)
~Tim
--
20:31:49 up 4 days, 35 min, 11 users, load average: 0.04, 0.03, 0.00
piglet@stirfried.vegetable.org.uk |Ideologies come, ideologies go
http://piglet.is.dreaming.org |A waste of words, and endless flow
Reply to: