I was looking at it more from the lines of a default installation. Most experienced UNIX/Linux users know what needs to be running and what doesn't, and how to turn services on and off. I'm not completely sure what services are running under Debian in a default installation as I use dselect to select each individual package on every installation I do. This way I have complete control of what's installed.
You can't really expect a new user to want to sift through the list of 3000+ packages in dselect, or even to know what most of them are. Do a stock installation and see if a new user wouldn't need a "hardening script". At a guess, telnet, ftp, portmapper, nfsd, and the like are probably running. I can see where a "hardening script" could come into play here, asking the user if he needs service "x" running, with a default answer of no. Unless the user specifically states that he wants it running, it won't be. -jg -----Original Message----- From: Wichert Akkerman [SMTP:[EMAIL PROTECTED] Sent: Tuesday, December 12, 2000 6:51 PM To: Jeremy Gaddis Cc: Ory Segal; debian-security@lists.debian.org Subject: Re: OS Hardening Previously Jeremy Gaddis wrote: > And if you believe that, you're a fool. I do believe that. It's a matter of knowing what you're doing and selecting just the package you need. Wichert. -- ________________________________________________________________ / Generally uninteresting signature - ignore at your convenience \ | [EMAIL PROTECTED] http://www.liacs.nl/~wichert/ | | 1024D/2FA3BC2D 576E 100B 518D 2F16 36B0 2805 3CB8 9250 2FA3 BC2D | -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
