Re: services installed and running "out of the box"

To: debian-security@lists.debian.org
Subject: Re: services installed and running "out of the box"
From: Michael Stone <mstone@debian.org>
Date: Wed, 24 Sep 2003 21:01:26 -0400
Message-id: <[🔎] 20030925010126.GR3638@mathom.us>
Mail-followup-to: debian-security@lists.debian.org
In-reply-to: <[🔎] 20030925001640.GO1904@morgul.net>
References: <[🔎] 1064436121.641.26.camel@elessar> <[🔎] 20030924220453.GA10291@deneb.enyo.de> <[🔎] 200309251112.28841.stevew@catalyst.net.nz> <[🔎] 20030925001640.GO1904@morgul.net>

On Wed, Sep 24, 2003 at 08:16:41PM -0400, Noah L. Meyerhans wrote:

Basically, I think that "security levels" don't gain you anything over

"don't install the package".


Until installing a package has the side effect of installing a network
service. Having a default-deny-incoming firewall or some such would go a
long way toward preventing accidental vulnerability exposure.

Mike Stone

Reply to:

Follow-Ups:
- Re: services installed and running "out of the box"
  - From: "Noah L. Meyerhans" <noahm@debian.org>
- Re: services installed and running "out of the box"
  - From: Adam Lydick <adam.lydick@verizon.net>
- Re: services installed and running "out of the box"
  - From: Bernd Eckenfels <ecki@calista.eckenfels.6bone.ka-ip.net>

References:
- services installed and running "out of the box"
  - From: Adam Lydick <adam.lydick@verizon.net>
- Re: services installed and running "out of the box"
  - From: Florian Weimer <fw@deneb.enyo.de>
- Re: services installed and running "out of the box"
  - From: Steve Wray <stevew@catalyst.net.nz>
- Re: services installed and running "out of the box"
  - From: "Noah L. Meyerhans" <noahm@debian.org>

Prev by Date: Re: MS BS
Next by Date: Re: services installed and running "out of the box"
Previous by thread: Re: services installed and running "out of the box"
Next by thread: Re: services installed and running "out of the box"
Index(es):
- Date
- Thread