12 Nov
2011
12 Nov
'11
4:39 a.m.
On 5 November 2011 02:03, leaknoil <leaknoil at gmail.com> wrote:
On 11/4/2011 6:04 PM, Geoffrey Reed wrote:
Hang on, that's not true. At the /very/ least, if you install a bare
system, it has an OpenSSH server running and accepting requests and
probably more. Ubuntu Server is more minimal than Debian and does not
even have ssh on by default. /Nothing/ is on by default.
Good way to alienate any possible supporters you may have. Many of us out
here have experience with classic hardware and software and current hardware
and software. In my last gig we used a couple different Operating Systems
and NONE were trusted out of the box, they were all hardened as some of our
machines lived in the corporate DMZ. Anyone who suggested that any OS was
secure enough right out of the box would have been laughed out of the
office.
What do you mean out of the box ? What would you do to a current Debian
distro to make it more secure ? You can't even install it without setting
passwords and no services are turned on. If you add services they are at
super paranoid settings until you adjust them so you can actually use them
for anything.
They're not that tight. I suspect OpenBSD is locked down harder by
default, for starters.
The whole internet is running on linux now like it or
not.
Hardly!
It
is pretty darn secure as a server.
It /can/ be, yes. It is not by default, no. Fair good, yes; better
than Windows, yes; better than anything much else that's mainstream on
x86, yes; but perfect, no.
--
Liam Proven ? Info & profile: http://www.google.com/profiles/lproven
Email: lproven at cix.co.uk ? GMail/GoogleTalk/Orkut: lproven at gmail.com
Tel: +44 20-8685-0498 ? Cell: +44 7939-087884 ? Fax: + 44 870-9151419
AIM/Yahoo/Skype: liamproven ? MSN: lproven at hotmail.com ? ICQ: 73187508