Using Debian for a bastion host.


I am setting up a bastion host and packet filtering router and taking
a crack at using Debian for this task.

I figured the first job would be to pick the neccasary packages for such a
system.  I have appended my list of packages to the end of this message.

_?_ means I don't know if I should use this package
_cut_ means I wasn't planning on using this package
_req_ means debian requires this package
_nec_ means I thought this package would be neccasary to set up or run the

I am trying to keep the system as "lean" and secure as possible.
Thanks....sorry for the length.  Any suggestions for further
modification of the package list?  Packages that should be 
removed once bastion host is setup (ie gcc, etc).  Thanks

	Henry Hollenberg     speed@barney.iamerica.net 

[speed@barney debian]$ grep _cut_ pkgs_abrev
Package: rcs                            _cut_
Package: emacs                          _cut_
Package: gpm                            _cut_
Package: perl                           _cut_
Package: cpio                           _cut_
Package: flex                           _cut_

[speed@barney debian]$ grep _?_ pkgs_abrev
Package: tetex-extra                    _?_
Package: dialog                         _?_
Package: lsof                           _?_
Package: mh                             _?_
Package: procmail                       _?_
Package: file                           _?_
Package: ncurses3.0                     _?_
Package: fdflush                        _?_
Package: tetex-base                     _?_
Package: libgdbm1                       _?_
Package: tcl74-dev                      _?_
Package: modconf                        _?_
Package: tetex-bin                      _?_
Package: libdb1-dev                     _?_
Package: inewsinn                       _?_
Package: ncurses3.0-dev                 _?_
Package: mailx                          _?_
Package: bsdmainutils                   _?_
Package: libelf0                        _?_
Package: mtools                         _?_
Package: smail                          _?_
Package: libreadline2                   _?_
Package: nvi                            _?_
Package: sharutils                      _?_
Package: patch                          _?_
Package: diff                           _?_
Package: strace                         _?_

[speed@barney debian]$ grep _req_ pkgs_abrev
Package: mbr                            _req_
Package: procps                         _req_
Package: ncurses-base                   _req_
Package: adduser                        _req_
Package: setserial                      _req_
Package: textutils                      _req_
Package: electric-fence                 _req_
Package: sed                            _req_
Package: passwd                         _req_
Package: base-passwd                    _req_
Package: util-linux                     _req_
Package: update                         _req_
Package: libc5                          _req_
Package: makedev                        _req_
Package: ncurses-bin                    _req_
Package: tar                            _req_
Package: ldso                           _req_
Package: timezone                       _req_
Package: gzip                           _req_
Package: syslinux                       _req_
Package: kbd                            _req_
Package: dpkg                           _req_
Package: base-files                     _req_
Package: findutils                      _req_
Package: shellutils                     _req_
Package: grep                           _req_
Package: mount                          _req_
Package: getty                          _req_
Package: e2fsprogs                      _req_
Package: modutils                       _req_
Package: sysvinit                       _req_
Package: hostname                       _req_
Package: login                          _req_
Package: fileutils                      _req_
Package: mawk                           _req_
Package: bash                           _req_
Package: debianutils                    _req_
Package: sysklogd                       _req_

[speed@barney debian]$ grep _nec_ pkgs_abrev
Package: kernel-source-2.0.29           _nec_
Package: wg15-locale                    _nec_
Package: lilo                           _nec_
Package: libreadline2-dev               _nec_
Package: bsdutils                       _nec_
Package: cron                           _nec_
Package: bin86                          _nec_
Package: manpages                       _nec_
Package: doc-linux                      _nec_
Package: lpr                            _nec_
Package: make                           _nec_
Package: ncurses-term                   _nec_
Package: doc-debian                     _nec_
Package: dpkg-ftp                       _nec_
Package: binutils                       _nec_
Package: cpp                            _nec_
Package: less                           _nec_
Package: dpkg-dev                       _nec_
Package: libg++27                       _nec_
Package: man-db                         _nec_
Package: debian-policy                  _nec_
Package: m4                             _nec_
Package: at                             _nec_
Package: wenglish                       _nec_
Package: dnsutils                       _nec_
Package: libbfd2.7.0.9                  _nec_
Package: groff                          _nec_
Package: ed                             _nec_
Package: gcc                            _nec_
Package: netstd                         _nec_
Package: libc5-dev                      _nec_
Package: gdb                            _nec_
Package: time                           _nec_
Package: libg++27-dev                   _nec_
Package: libdb1                         _nec_
Package: info                           _nec_
Package: netbase                        _nec_
Package: libgdbm1-dev                   _nec_
Package: kernel-source-2.0.30           _nec_
Package: biff                           _nec_

