1 |
Hi list, hello Dale, |
2 |
|
3 |
Am Dienstag, 17. Februar 2009 schrieb Dale Pontius: |
4 |
> Just a side comment on this... I have scripts that figure out where the |
5 |
> heck I am when networking comes up, and based on that decide what, if |
6 |
> any, service(s) to bring up. When the current network is on "other", NO |
7 |
> services are started at all - even X is started with "-tcp nolisten" so |
8 |
> there are no open ports. Scratch that - dnsmasq is listening on |
9 |
> loopback, but that's it. |
10 |
> |
11 |
> Maybe it's not all that's necessary, but it's a good first line of |
12 |
> defense. |
13 |
|
14 |
these little helpers are surely the ones which distinguish a nicely secured |
15 |
system from a good secured one (given all other loopholes are treaten like |
16 |
that). So are there perhaps plans in collecting some of them (or even just |
17 |
settings etc.) is a hardened-settings / hardened-tools / etc. package? |
18 |
Wouldn't that be a nice addition to the overall hardened-offer from gentoo? |
19 |
|
20 |
|
21 |
Marcel |