Re: securing server

To: debian-security@lists.debian.org
Subject: Re: securing server
From: martin f krafft <madduck@debian.org>
Date: Wed, 7 May 2008 10:43:13 +0100
Message-id: <[🔎] 20080507094313.GA8333@lapse.madduck.net>
Mail-followup-to: debian-security@lists.debian.org
In-reply-to: <[🔎] 1210152509.4647.7.camel@localhost>
References: <[🔎] fa218e630805070209x1c5837cbs6b33c32bf3e2b4b9@mail.gmail.com> <[🔎] 1210152509.4647.7.camel@localhost>

also sprach weakish <weakish@gmail.com> [2008.05.07.1028 +0100]:
> Use update-rc.d or sysv-rc-conf to disable unwanted daemons 

disable by making them all K00 links

> logcheck

hardly a security measure.

> use integrit/aide/tripwire

only useful with read-only media

> You may consider chroot.

no security benefit

> It's a good idea to read through securing debian howto

yes!

-- 
 .''`.   martin f. krafft <madduck@debian.org>
: :'  :  proud Debian developer, author, administrator, and user
`. `'`   http://people.debian.org/~madduck - http://debiansystem.info
  `-  Debian - when you have better things to do than fixing systems
 
"the pure and simple truth is rarely pure and never simple."
                                                      -- oscar wilde

Attachment: digital_signature_gpg.asc
Description: Digital signature (see http://martin-krafft.net/gpg/)

Reply to:

Follow-Ups:
- Re: securing server
  - From: Simon Brandmair <sbrandmair@gmx.net>
- Re: securing server
  - From: phobot <piter90@gmail.com>

References:
- securing server
  - From: "Jean-Paul Lacquement" <zelos414@gmail.com>
- Re: securing server
  - From: weakish <weakish@gmail.com>

Prev by Date: Re: securing server
Next by Date: Re: securing server
Previous by thread: Re: securing server
Next by thread: Re: securing server
Index(es):
- Date
- Thread