Re: A simple question FORK! Something that bugs me about net-installs and security
-----BEGIN PGP SIGNED MESSAGE-----
On 01/26/07 19:03, Hodgins Family wrote:
> Many people are installing Debian "from the internet". Yet, the Securing
> Debian Manual suggests no contact with the internet until the
> installation is "secure."
> The manual states that installing the OS off the web is not the best
> idea (Section 3.3 found here:
> http://www.debian.org/doc/manuals/securing-debian-howto/ch3.en.html )
> Is the manual WRONG about net installs?
Did you *read* the link you posted?
3.3 Do not plug to the Internet until ready
The system should not be immediately connected to the Internet
If you cannot do this, you can set up firewall rules to limit
access to the system while doing the update (see Security
update protected by a firewall, Appendix F).
> Are net installs (let's say for a Desktop environment) totally without
> vulnerability risks?
> When, during an installation, do/should people think about
> security/vulnerability issues of the software they are installing?
Actually, not much. Firewalling routers are $50 and do a reasonably
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)
-----END PGP SIGNATURE-----