Re: [tlug] Networking two Linux computers harder than Linux to Windows?

Arwyn Hainsworth writes:

 > Eh? You don't use packaged versions just because they start
 > automatically?

Not only don't I use them, I file bug reports against them.

 > From experience, the Debian (and Ubuntu) packages have sensible
 > defaults and do not expose you to security risks out of the box.

You're confused if you think that experience can show that a package
exposes you to no security risks.  It can only prove that you *are*
exposed, by having them exploited.  Lack of exploits, however, does
not mean lack of risk.

To someone at Dave's level of expertise, theory says that any process
listening on an Internet-routable port is a security risk.  Period.
It may be a small risk, it may be an acceptable risk, but it is a
risk.  The more of those things you have running, the bigger the risk.
And Dave does not yet have the experience to judge more accurately
than that.

 > IIRC in the case of the packages mentioned, the default configs
 > limit them to the lo interface,

On Debian, that is definitely not true for any webserver.  Nor for
sshd, which comes configured to accept password authentication on any
available interface, and with no firewall.  So even Debian takes far
more risks than I would like.
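
The claim about listening processes can be checked on any host. The following is an added example, not part of the original message: it reads `ss -H -ltn` output and reports every TCP listener that is bound to something other than a loopback address. The sample input is constructed, and the function names are hypothetical.

```python
import ipaddress
import subprocess

# Constructed sample of `ss -H -ltn` output (not captured from a real host).
SAMPLE = """\
LISTEN 0      128          0.0.0.0:22        0.0.0.0:*
LISTEN 0      4096   127.0.0.53%lo:53        0.0.0.0:*
LISTEN 0      511                *:80              *:*
LISTEN 0      100        127.0.0.1:25        0.0.0.0:*
LISTEN 0      128             [::]:22           [::]:*
LISTEN 0      128            [::1]:631          [::]:*
LISTEN 0      244       192.0.2.10:5432      0.0.0.0:*
"""

WILDCARDS = {"*", "0.0.0.0", "::"}


def classify(local):
    """Split an ss 'Local Address:Port' field and label its bind scope."""
    host, _, port = local.rpartition(":")
    # Drop IPv6 brackets and any %interface scope suffix.
    host = host.strip("[]").split("%", 1)[0]
    if host in WILDCARDS:
        scope = "all-interfaces"
    elif ipaddress.ip_address(host).is_loopback:
        scope = "loopback"
    else:
        scope = "specific-address"
    return host, int(port), scope


def exposed_listeners(ss_output):
    """Return (host, port, scope) for every listener not limited to loopback."""
    found = []
    for line in ss_output.splitlines():
        fields = line.split()
        if len(fields) < 4 or fields[0] != "LISTEN":
            continue
        entry = classify(fields[3])
        if entry[2] != "loopback":
            found.append(entry)
    return found


def live_ss_output():
    """Run ss on the local machine: -H no header, -l listening, -t TCP, -n numeric."""
    return subprocess.run(["ss", "-H", "-ltn"], capture_output=True,
                          text=True, check=True).stdout


if __name__ == "__main__":
    for host, port, scope in exposed_listeners(SAMPLE):
        print(f"{port:>5}/tcp bound to {host} ({scope})")
```

Passing `live_ss_output()` instead of `SAMPLE` audits the current machine. A listener reported here is reachable from other hosts unless a firewall in front of it says otherwise.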

