Re: default security

To: Tarjei <tarjei@nu.no>
Cc: debian-security@lists.debian.org
Subject: Re: default security
From: Tim Haynes <debian@stirfried.vegetable.org.uk>
Date: Tue, 15 Jan 2002 14:00:55 +0000
Message-id: <[🔎] 86zo3fk92g.fsf@potato.vegetable.org.uk>
Reply-to: debian@stirfried.vegetable.org.uk
In-reply-to: <[🔎] 3C44325B.3060206@nu.no> (Tarjei's message of "Tue, 15 Jan 2002 14:44:59 +0100")
References: <[🔎] 02010810371000.00456@NodeFilter> <[🔎] 10934.1010554342@kanga.nu> <[🔎] 20020114093138.GC17870@dat.etsit.upm.es> <[🔎] 02011407525900.01027@NodeFilter> <[🔎] 20020114231245.J1098@morgul.net> <[🔎] 3C43F47C.3060109@nu.no> <[🔎] 20020115121612.GH3595@dat.etsit.upm.es> <[🔎] 86k7ujlr2k.fsf@potato.vegetable.org.uk> <[🔎] 3C44325B.3060206@nu.no>

Tarjei <tarjei@nu.no> writes:

> Hmm. Here's a suggestion.
>
> - This idea is based on the asumtion that espesially serversystems need
> good security.

*All* installed boxes need adequate securing. Linux worms would not
propagate if it weren't for a critical mass of idiots running unpatched
daemons & packages; scanning by IP# is no respector of `this is a server'
or `this is a workstation'; it just happens that servers *have* to be
"secure" while workstations tend not to be.

> 1. Make a votingpage and anounce it on debian-users asking what are the
> main servers people are running on their debian systems.

You'd want a control poll e.g. on slashdot or somewhere as well because the
Internet as a whole will run different servers in different amounts - more
web servers than DNS than email? Or similar numbers of each?

> 2. Go through the 10 highest and make sure they follow secure practies
> like libsafe.

Personally I think a BIG disclaimer in the installer, `look, if you will
run these things, on your head be it' for every daemon that gets installed
would be in order.

[snip]
> I apoligize to all the people reading this list for filling it with rants.
> Will stop now.

~Tim
-- 
<http://spodzone.org.uk/>

Reply to:

References:
- IPSec questions...
  - From: Stefan Srdic <linuxbox@telusplanet.net>
- Re: IPSec questions...
  - From: J C Lawrence <claw@kanga.nu>
- Asking for documentation help (Re: IPSec questions...)
  - From: Javier Fernández-Sanguino Peña <jfs@computer.org>
- Re: Asking for documentation help (Re: IPSec questions...)
  - From: Stefan Srdic <linuxbox@telusplanet.net>
- Re: Asking for documentation help (Re: IPSec questions...)
  - From: "Noah L. Meyerhans" <frodo@morgul.net>
- default security
  - From: Tarjei <tarjei@nu.no>
- Re: default security
  - From: Javier Fernández-Sanguino Peña <jfs@computer.org>
- Re: default security
  - From: Tim Haynes <debian@stirfried.vegetable.org.uk>
- Re: default security
  - From: Tarjei <tarjei@nu.no>

Prev by Date: Re: Debian security being trashed in Linux Today comments
Next by Date: Re: Debian security being trashed in Linux Today comments
Previous by thread: Re: default security
Next by thread: Re: default security
Index(es):
- Date
- Thread