Tarjei <[EMAIL PROTECTED]> writes: > Hmm. Here's a suggestion. > > - This idea is based on the asumtion that espesially serversystems need > good security.
*All* installed boxes need adequate securing. Linux worms would not propagate if it weren't for a critical mass of idiots running unpatched daemons & packages; scanning by IP# is no respector of `this is a server' or `this is a workstation'; it just happens that servers *have* to be "secure" while workstations tend not to be. > 1. Make a votingpage and anounce it on debian-users asking what are the > main servers people are running on their debian systems. You'd want a control poll e.g. on slashdot or somewhere as well because the Internet as a whole will run different servers in different amounts - more web servers than DNS than email? Or similar numbers of each? > 2. Go through the 10 highest and make sure they follow secure practies > like libsafe. Personally I think a BIG disclaimer in the installer, `look, if you will run these things, on your head be it' for every daemon that gets installed would be in order. [snip] > I apoligize to all the people reading this list for filling it with rants. > Will stop now. ~Tim -- <http://spodzone.org.uk/>