begin Silcock, Stephen quotation: > - Default installations. I think you'd find more of these > vulnerabilities are exploitable in a default install of Windows than a > default install of say RedHat or Debian.
I'd say there's really no such thing as a default install in Debian. One can consider that a bug or a feature, per inclination. But I will say that you'll never get pushed towards sendmail, wu-ftpd, or BIND v. 8.x -- so you're already slightly ahead, right there. In any event, once you add an alert system administrator into the picture, any *ix can be made security-tolerable with a bit of work. (I'll ignore the suggestion that one might do likewise for MS-Windows, else I'd risk hurting myself from laughter.) In case they're useful, here are some of the classic texts, helpful in adding that one essential ingredient -- an alert sysadmin: DNS and BIND, Cricket Liu, O'Reilly TCP/IP Network Administration, Craig Hunt, O'Reilly Unix System Administration Handbook, Evi Nemeth et al., Prentice Hall Essential System Administration, Aeleen Frisch, O'Reilly Linux System Administration; M Carling, Stephen Degler, Jim Dennis; New Riders (a different sort of book, but needed) Building Internet Firewalls, Brent Chapman et al., O'Reilly Firewalls and Internet Security, Wm. Cheswick & Steven Bellovin, Addison-Wesley And some more of my recommendations are quoted here (along with those of lots of other people, so I can't be responsible for the latter): http://www.mezzaninereader.com/macosxbooks.html (It refers to something I try to hammer into people: Many of the really bad technical books are bad mainly because they're attempting to be both a tutorial and a reference at the same time -- which is not possible, and just makes the book useless as either one.) And some may find helpful an article of mine: http://www.itworld.com/Sec/2199/LWD000829hacking/ -- "Is it not the beauty of an asynchronous form of discussion that one can go and make cups of tea, floss the cat, fluff the geraniums, open the kitchen window and scream out it with operatic force, volume, and decorum, and then return to the vexed glowing letters calmer of mind and soul?" -- The Cube, forum3000.org -- SLUG - Sydney Linux User Group Mailing List - http://slug.org.au/ More Info: http://lists.slug.org.au/listinfo/slug