| 1 |
Hi list, hello Dale, |
| 2 |
|
| 3 |
Am Dienstag, 17. Februar 2009 schrieb Dale Pontius: |
| 4 |
> Just a side comment on this... I have scripts that figure out where the |
| 5 |
> heck I am when networking comes up, and based on that decide what, if |
| 6 |
> any, service(s) to bring up. When the current network is on "other", NO |
| 7 |
> services are started at all - even X is started with "-tcp nolisten" so |
| 8 |
> there are no open ports. Scratch that - dnsmasq is listening on |
| 9 |
> loopback, but that's it. |
| 10 |
> |
| 11 |
> Maybe it's not all that's necessary, but it's a good first line of |
| 12 |
> defense. |
| 13 |
|
| 14 |
these little helpers are surely the ones which distinguish a nicely secured |
| 15 |
system from a good secured one (given all other loopholes are treaten like |
| 16 |
that). So are there perhaps plans in collecting some of them (or even just |
| 17 |
settings etc.) is a hardened-settings / hardened-tools / etc. package? |
| 18 |
Wouldn't that be a nice addition to the overall hardened-offer from gentoo? |
| 19 |
|
| 20 |
|
| 21 |
Marcel |
Archives