On Sun, Jun 04, 2000 at 07:04:57PM -0700, Stan Kaufman wrote: > Once the basic Debian system is installed from floppies and the rest of > the system is to be installed via dselect over the Internet, how does > one do this securely? It seems like all manner of mischief could occur > to the box during the download and install processes before one can > configure ipchains etc etc. Am I missing something simple here? its really not a problem since the base system contains no daemons which listen to the internet (except possibly inetd, but fixing inetd.conf is pretty quick and painless) if there is no ports open then your really pretty secure (as secure as a Macintosh [from network] that is) telnet, ssh, rsh/rlogin are not in the base system install. unlike redhat based dists you don't have to install every single daemon ever conceived of with dselect, only install what you need and want. then you don't have to spend so much time chasing around open ports. -- Ethan Benson http://www.alaska.net/~erbenson/
Attachment:
pgpb9wqSV6hg5.pgp
Description: PGP signature