Re: services installed and running "out of the box"
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
On Fri, 26 Sep 2003 at 12:53:26PM -0400, Dale Amon wrote:
> Precisely. One cannot just install the packages and services
> one wants. One must step outside the package system to fix
> the problem, and continue to do so thereafter in the future.
>
> A major port service should not be installed on a system
> unless I specifically request its presence. There are too
> many packages which require things which they do not
> actually require.
I would consider implementing an iptables firewall (whether it be
shorewall or home brewed (if you know what you are doing)) to be a bare
minimum for best-practices.
Unfortunately (unlike RedHat and Mandrake) Debian offers no firewall as
part of the default installation.
My advise, have a good generic firewall shell script and use it and
place it in /etc/rc(S|2).d/ of every system you install.
- --
Phillip Hofmeister
PGP/GPG Key:
http://www.zionlth.org/~plhofmei/
wget -O - http://www.zionlth.org/~plhofmei/key.txt | gpg --import
- --
Excuse #139: NOTICE: alloc: /dev/null: filesystem full
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.2 (GNU/Linux)
iD8DBQE/d6/ES3Jybf3L5MQRAiQjAKCOBUy4i8G1PokOCJJrX2loOnFzOwCeMmhX
zPqbaxHBcGYZTyhGiwgCrkQ=
=EXjG
-----END PGP SIGNATURE-----
Reply to: