discuss: Proposed System Documentation Mini-HOWTO
Subject:
Re: Proposed System Documentation Mini-HOWTO
From:
Poet/Joshua Drake ####@####.####
Date:
2 Oct 2001 01:20:34 -0000
Message-Id: <Pine.LNX.4.30.0110011815470.31343-100000@commandprompt.com>
>FWIW, I'm not so sure that'd be a good idea at all. It smells a little of
>"Security is a product", to me - I don't think there's any such thing as a
>checklist of "Things That Will Make Your Linux System Secure", and suggesting
>that there is is fundamentally dangerous IMO.
This is not true. In fact, if you follow a standard procedure you can
create a secure Linux box. Of course, the best security is a proactive
environment with monitoring and log hounding and and and and
but {
Having a 25 steps to a reasonably secure Linux machine is a great idea.
Picture, I am a small business owner (actually I am ;)) and I have 5
employees. I don't want to run Windows. I want to run Linux but I don't
want to pay somebody like me (I do security consulting) 1000.00 to harden
my machine. I would rather do it myself if I can.
Well, a 25 step program (we love you) would enable users to do that. Turn
off all services... run ipchains/iptables, how do I turn off relaying
etc...
J
>
>
--
--
<COMPANY>CommandPrompt - http://www.commandprompt.com </COMPANY>
<PROJECT>OpenDocs, LLC. - http://www.opendocs.org </PROJECT>
<PROJECT>LinuxPorts - http://www.linuxports.com </PROJECT>
<WEBMASTER>LDP - http://www.linuxdoc.org </WEBMASTER>
--
Instead of asking why a piece of software is using "1970s technology,"
start asking why software is ignoring 30 years of accumulated wisdom.
--