Re: Debian or Redhat 7???



oops...guess there was a reason I wasn't using it already ;)

rick

On Mon, 19 Feb 2001, Tal Danzig wrote:

> On Mon, Feb 19, 2001 at 07:13:40PM -0800, Rick Rezinas wrote:
> > I've been loosely following this thread, and hope you have the best of
> > luck locking down.  A few places to start with the inetd.conf file.  You probably don't
> > need any of those services.  Install ssh.  Setup your apt sources.list to
> > check for 
> > 
> > deb http://security.debian.org stable/updates main contrib non-free
> > 
> > but you may want to use a mirror, so they don't get nailed.
> > 
> 
> There are no mirrors of security.debian.org (or shouldn't be)
> for security reasons.
> This way the authenticity of security packages can be better controlled.
> 
> - Tal
> 
> > basically, each line in the sources.list has a list of packages, and they
> > look to see who is the newest and install that puppy.
> > 
> > those are a coupla basic steps to locking down your box.  Others include
> > not running named cuz it's often a problem...I have no doubt that there are
> > crackers out there with several named and sendmail holes in their pocket.
> > That haven't been exposed before.  So if you run mail, check out qmail. 
> > IMHO.  Don't have key services run as root, like your webserver if that is
> > key.  That way if you get compromised they still need to work for root.
> > 
> > have a nice day
> > rick
> > 
> > 
> > 
> > On Mon, 19 Feb 2001, Steve Rudd wrote:
> > 
> > > Steve here,
> > > 
> > > Well first, I repent of calling Linux 7: Redhat 7. Yes I am new. I have 
> > > been maintaining my own box from a su level for about 3 months. That is why 
> > > I was calling in an expert to install Debian tomorrow. It has become quite 
> > > obvious to me that I am way over my head in trying to get my server secure.
> > > 
> > > But I would also like to say that I was humbled by the sheer volume of 
> > > caring replies. I want to say that I have taken note of all of them and 
> > > thank you.
> > > 
> > > My personal/superficial conclusions to my own questions based upon your 
> > > replies are that Debian (as a software package) is a little more secure (for 
> > > a variety of reasons), than Redhat 7. But the biggest factor is me getting 
> > > pro help by someone who knows what he is doing. Done!
> > > 
> > > There is one primary reason why I would have chosen Debian over Redhat in 
> > > the first place. The auto-update feature. I was on line for the Redhat 
> > > Network. It never notified me of anything. Even now, after being hacked, it 
> > > gives me those nice smiley icons saying all is ok! <g>
> > > 
> > > For me to get the box set up, then issue a one line command as the SU via 
> > > "CRT" program in SSH mode, to update is breathtakingly attractive!
> > > 
> > > Steve
> > > 
> > > 
> > > -- 
> > > To UNSUBSCRIBE, email to debian-user-request@lists.debian.org 
> > > with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
> > > 
> > 
> > 
> > --  
> > To UNSUBSCRIBE, email to debian-security-request@lists.debian.org
> > with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
> > 
> 
> -- 
> ----------------------------------------------------------------- 
> Tal Danzig     tal@libranet.com |          Libranet Linux
> http://tal.thepenismightier.net |     http://www.libranet.com
> ----------------------------------------------------------------- 
> 
> 
> 
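
As an added example (not part of any message in this thread), the two checks suggested above, trimming inetd.conf and having an active security.debian.org line in sources.list, can be run against copies of the files. The function names, the sample file contents and the mirror.example.org host are constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the thread). Works on copies of the files so
# nothing on the live system is changed.

# List service name and server program for every enabled inetd.conf entry.
inetd_enabled() {
    awk '!/^[[:space:]]*#/ && NF >= 6 { print $1 " " $6 }' "$1"
}

# Print the file with every enabled entry commented out; review the
# result before installing it and telling inetd to reload.
inetd_disable_all() {
    sed -E 's/^([[:space:]]*[^#[:space:]])/#\1/' "$1"
}

# Succeed only if an active (uncommented) deb line uses security.debian.org.
has_security_source() {
    grep -Eq '^[[:space:]]*deb[[:space:]]+http://security\.debian\.org[/[:space:]]' "$1"
}

# Constructed sample files for the demonstration.
make_samples() {
    cat > "$1/inetd.conf" <<'EOF'
# <service> <sock> <proto> <flags> <user> <server> <args>
telnet stream tcp nowait root /usr/sbin/tcpd /usr/sbin/in.telnetd
ftp stream tcp nowait root /usr/sbin/tcpd /usr/sbin/in.ftpd
#finger stream tcp nowait nobody /usr/sbin/tcpd /usr/sbin/in.fingerd
daytime stream tcp nowait root internal
EOF
    cat > "$1/sources.list" <<'EOF'
deb http://mirror.example.org/debian stable main contrib non-free
#deb http://security.debian.org stable/updates main contrib non-free
EOF
}

demo() {
    dir=$(mktemp -d) || return 1
    make_samples "$dir"
    echo "Enabled inetd services:"; inetd_enabled "$dir/inetd.conf"
    inetd_disable_all "$dir/inetd.conf" > "$dir/inetd.conf.new"
    echo "Still enabled after edit: $(inetd_enabled "$dir/inetd.conf.new" | wc -l)"
    has_security_source "$dir/sources.list" || echo "no active security.debian.org line"
    rm -rf "$dir"
}
demo
```

On a real system the inputs would be copies of /etc/inetd.conf and /etc/apt/sources.list; a commented-out security line, as in the sample, counts as missing.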


