On Sun 30 Aug 2015 at 04:00:07 -0500, rlhar...@oplink.net wrote: > On Sun, August 30, 2015 3:26 am, to...@tuxteam.de wrote: > > ... We went with a very fine comb over things. It's always a balance > > between convenience/feasibility and security. You're not at the NSA, > > trying to whistle-blow, after all (use TAILS for that, and some help from > > trusted friends). If you reduce the lists by a bit, you'll end up with a > > manageable set of things you could try to uninstall (and see what'd go > > down with it: I don't know how much of GNOME is torn down these days if > > you take down Avahi, just for one example). > > > > The most interesting part here is the process. What makes you secure is > > some awareness of what's in your box and what it's doing there. > > This has been an interesting experience for me, and I am grateful to you > and to all who have entered into the discussion. I am going to print out > all these messages and read them again, and save them for reference. This > interaction has given me a better understanding of the issues than I would > have gotten from reading a book on how to secure a machine.
It's already been said, but, although its up to you, there really is no need for a reinstall. You should also appreciate that (AFAIK) all services installed on Debian are installed in a secure default state. Altering that state can degrade security but you take responsibility for that. The bottom line is that services are good. You can do what tomas advises and become aware of what they do. On the other hand you can install them and let them get on with the job they are configured to do in the default state and not bother your head about them. In that state you can be assured of the safeness of your machine.
