Re: Safety while network install.
On Mon, Nov 21, 2011 at 04:34:26PM +0000, Curt wrote:
> On 2011-11-21, Osamu Aoki <email@example.com> wrote:
> > But seriously, Debian is configured as a quite secure system at any time
> > unless you make stupid configuration yourself. So it is quite safe.
> Would you be so kind as to explain to me what ports/services are
> open and listening on a default install of Debian Squeeze (if any) and if there
> are any security implications for the novice user or "hardening" to be
> performed on a default install (in relation to listening daemons)?
Anyway, read good source.
> I got rid of avahi and another daemon that opened listening ports because I
> didn't know what those services were exactly, what purpose they served,
> or whether they presented any kind of danger to my security. (I think
> the other service was portmap, now that I come to think of it).
It gives you multicast DNS/DNS-SD service discovery. hostname IP
resolution on LAN without DNS.
Just do not run if you do not need it. task-desktop pulled in via
recommends to avahi-daemon so you can remove it easily.
> I remember in the past the xserver would listen by default (at least on
> some linuxes), but now the default apparently is not to listen, which is
> a good thing, though it took a while to get there.
Anyway, checking it yourself for your system is good idea than asking
such thing in general sense.