On 10/08/2014 07:20 AM, Richard Owlett wrote: > koanhead wrote: >> On 10/06/2014 04:20 AM, Richard Owlett wrote: >>> I'm a relatively new convert from Windows to Debian... >>> I'm looking for a reference document that wouldn't scare my friend off >>> Debian and also give me the required information to...
>> https://wiki.debian.org/iptables should be as much as you need to >> accomplish this. > > That page is unsuitable for the audience I wish to reach. My apologies: I misunderstood you and thought you were looking for such a document for your own use. To my knowledge, there's not such documentation for iptables that is suitable for a nontechnical user (that is, someone without a working knowledge of TCP/IPv4 networking). However, there are simplified frontends to iptables that are available in the repositories. gufw [1] comes to mind, and you could probably walk your friend through its use fairly painlessly. It comes with a sensible (for some people) set of defaults. [1] https://packages.debian.org/wheezy/gufw see also https://launchpad.net/gui-ufw > > I'll take you up on that. I volunteered for something else this weekend > that may help me coherently describe what I'm looking for. ☺ >> >>> 2. list of daemons/services/??? that should be disabled or not >>> installed. >> >> It depends on what your friend will do with his computer... >> >> Any service you're not currently using should be disabled. Any service >> you won't use should not be installed. > > Yeah. But ;/ The devil is in the details. > Where is a list of services. There's one at /etc/services. It's a list of 'well-known' services and their associated ports, not a list of things which are installed or running. To my knowledge the package manager does not make a distinction between services and packages for 'non-services'. There's probably a clever way to `aptitude search` for it, but I don't know - apart from `aptitude search *-daemon` or so. There's also no definitive way to get a list of running services under sysvinit. IIRC the `systemctl` command in systemd does this, but you won't have it available in wheezy. You can try the following to approximate it: `ps --ppid 1` - lists all processes of which init is direct parent. Should include all services, but not only services. `service --status-all |grep [+]` - should list all the services the service command knows are running. Not definitive as the service command does not manage all services. > How would Joe the Janitor and Mary the Florist chose? They should stick with the installed defaults. Those are pretty safe. They should not install sshd (because why would they?) nor use sudo unless and until they are properly configured. -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: https://lists.debian.org/m14g4s$inj$1...@news.albasani.net
