Re: default security

Tarjei <tarjei@nu.no> writes:

> Hmm. Here's a suggestion.
> - This idea is based on the assumption that especially server systems need
> good security.

*All* installed boxes need adequate securing. Linux worms would not
propagate if it weren't for a critical mass of idiots running unpatched
daemons & packages; scanning by IP# is no respecter of `this is a server'
or `this is a workstation'; it just happens that servers *have* to be
"secure" while workstations tend not to be.

> 1. Make a voting page and announce it on debian-users asking what are the
> main servers people are running on their debian systems.

You'd want a control poll e.g. on slashdot or somewhere as well because the
Internet as a whole will run different servers in different amounts - more
web servers than DNS than email? Or similar numbers of each?

> 2. Go through the 10 highest and make sure they follow secure practices
> like libsafe.

Personally I think a BIG disclaimer in the installer, `look, if you will
run these things, on your head be it' for every daemon that gets installed
would be in order.

> I apologize to all the people reading this list for filling it with rants.
> Will stop now.


