On Fri, May 16, 2008 at 08:20:07PM -0700, Mike Bird wrote: > If you start a service - Apache or FTP or anything else - then you are > responsible for securing it, whether by passwords or certificates or > firewalls or otherwise. It's easy to start a service. It's not easy > to secure a service. Don't start a service until you know how to secure > it, no matter how easy is. This applies to all OS's.
On debian, if you want to run a service, say ftp you would choose your server and install the package so that you can read the docs. On Debian, when you do this, does it get installed into a running state or do you have to configure it first? If you install the ntp package, it goes active even before you've given it a specific server to use since it defaults to the pool of servers. This is one reason why I run shorewall and have everything closed in all directions unless I open it. If I install something, I know right away if its started doing anything and can keep it from doing anything until I'm ready. In answer to the OP, I think he needs to look at the debian policy vis-a-vis the policy that packages work out-of-the-box with standard configs already done. Doug. -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
