[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Safety while network install.

On Mon, Nov 21, 2011 at 04:34:26PM +0000, Curt wrote:
> On 2011-11-21, Osamu Aoki <osamu@debian.org> wrote:
> >
> > But seriously, Debian is configured as a quite secure system at any time
> > unless you make stupid configuration yourself.  So it is quite safe.
> >
> Would you be so kind as to explain to me what ports/services are
> open and listening on a default install of Debian Squeeze (if any) and if there
> are any security implications for the novice user or "hardening" to be
> performed on a default install (in relation to listening daemons)?

Anyway, read good source.
> I got rid of avahi and another daemon that opened listening ports because I
> didn't know what those services were exactly, what purpose they served,
> or whether they presented any kind of danger to my security. (I think
> the other service was portmap, now that I come to think of it).


It gives you  multicast DNS/DNS-SD service discovery.  hostname IP
resolution on LAN without DNS.

Just do not run if you do not need it.  task-desktop pulled in via
recommends to avahi-daemon so you can remove it easily. 
> I remember in the past the xserver would listen by default (at least on
> some linuxes), but now the default apparently is not to listen, which is
> a good thing, though it took a while to get there.

Anyway, checking it yourself for your system is good idea than asking
such thing in general sense.


Reply to: