Re: Debian or Redhat 7???
oops...guess there was a reason I wasn't using it already ;)
rick
On Mon, 19 Feb 2001, Tal Danzig wrote:
> On Mon, Feb 19, 2001 at 07:13:40PM -0800, Rick Rezinas wrote:
> > I've been loosely foloowing this thread, and hope you have the best of
> > luck locking down. A few places to start with the inetd.conf file. You probably don't
> > need any of those services. Install ssh. Setup your apt sources.list to
> > check for
> >
> > deb http://security.debian.org stable/updates main contrib non-free
> >
> > but you may want to use a mirror, so they don't get nailed.
> >
>
> There are no mirrors of security.debian.org (or shouldn't be)
> for security reasons.
> This way the authenticity of security packages can be better controlled.
>
> - Tal
>
> > basically, each line in the sources.list has a list of packages, and they
> > look to see who is the newest and install that puppy.
> >
> > those are a coupla basic steps to locking down your box. Others include
> > not running named cux it's often a problem...I have no doubt that there are
> > crackers out there with several named and sendmail holes in their pocket.
> > That haven't been exposed before. So if you run mail, check out qmail.
> > IMHO. Don't have key services run as root, like your webserver if that is
> > key. That way if you get compromised they still need to work for root.
> >
> > have a nice day
> > rick
> >
> >
> >
> > On Mon, 19 Feb 2001, Steve Rudd wrote:
> >
> > > Steve here,
> > >
> > > Well first, I repent of calling Linux 7: Redhat 7. Yes I am new. I have
> > > been maintaining my own box from a su level for about 3 months. That is why
> > > I was calling in an expert to install Debian tomorrow. It has become quite
> > > obvious to me that I am way over my head in trying to get my server secure.
> > >
> > > But I would also like to say that I was humbled by the sheer volume of
> > > caring replies. I want to say that I have taken note of all of them and
> > > thank you.
> > >
> > > My personal/superficial conclusions to my own questions based upon your
> > > replies is that Debian (as a software package) is a little more secure (for
> > > a variety of reasons), than Redhat 7. But the biggest factor is me getting
> > > pro help by someone who knows what he is doing. Done!
> > >
> > > There is one primary reason why I would have chosen Debian over Redhat in
> > > the first place. The auto-update feature. I was on line for the Redhat
> > > Network. It never notified me of anything. Even now, after being hacked, is
> > > gives me those nice smiley icons saying all is ok! <g>
> > >
> > > For me to get the box set up, then issue a one line command as the SU via
> > > "CRT" program in SSH mode, to update is breathtakingly attractive!
> > >
> > > Steve
> > >
> > >
> > > --
> > > To UNSUBSCRIBE, email to debian-user-request@lists.debian.org
> > > with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
> > >
> >
> >
> > --
> > To UNSUBSCRIBE, email to debian-security-request@lists.debian.org
> > with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
> >
>
> --
> -----------------------------------------------------------------
> Tal Danzig tal@libranet.com | Libranet Linux
> http://tal.thepenismightier.net | http://www.libranet.com
> -----------------------------------------------------------------
>
>
> --
> To UNSUBSCRIBE, email to debian-user-request@lists.debian.org
> with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
>
Reply to: