Re: secure installation

To: debian-security@lists.debian.org
Subject: Re: secure installation
From: Henri Salo <fgeek@fgeek.fi>
Date: Wed, 15 Aug 2007 23:19:19 +0300
Message-id: <[🔎] 20070815231919.1114b061@f1fc>
In-reply-to: <[🔎] 2e4e9dbd0708151223q2f88f8e1m7689fb2912ca16fd@mail.gmail.com>
References: <[🔎] 2e4e9dbd0708151223q2f88f8e1m7689fb2912ca16fd@mail.gmail.com>

On Wed, 15 Aug 2007 14:23:06 -0500
Pat <paparsoss@gmail.com> wrote:

>   There are a few security issues I have noticed about debian's
> installation.
>  1) No firewall setup during the install process, as it would be a
> simple matter to run lokkit at the end of the install I fail to see
> why this is not
>  done.
>  2) Rpfilter and tcp syncookies are not enabled by default. Again
> this is a simple correction, and indeed has been mentioned in several
> open source linux guides for years.
>  3) Do we really need portmap, inetd, or nfs running by default on our
>  workstations?

There shouldn't be any ports open to internal network after
installation. Where do you need firewall after installation when you
can make one i.e. with iptables?

- Henri 'fgeek' Salo

Reply to:

Follow-Ups:
- Re: secure installation
  - From: Paweł Krzywicki <krzywicki.pawel@googlemail.com>

References:
- secure installation
  - From: Pat <paparsoss@gmail.com>

Prev by Date: secure installation
Next by Date: Re: secure installation
Previous by thread: secure installation
Next by thread: Re: secure installation
Index(es):
- Date
- Thread