AW: AW: Workstation or Server in RH 7.2?

["Poppi, Sandro" <Sandro.Poppi () wacker com>]

Ok you do have another point of view than I do. In my world ;) everything
installed is a potentially bad thing, even if not activated. Think of a
vulnerable service activated and a suid program which you installed but not
used but is also vulnerable. Or what if you just forget to deactivate the
service accidently?

Too much risk in a secure envirnment in my eyes.

But as I said: That's my personal opinion.

Ciao,
Sandro
> Ok, granted.  But installing all the services is different than saying
> enable all the services.  I routinely install everything then 
> turn it off.
> I guess I wasn't clear about this but it is the snort list after all!
>
>
> On Wed, 27 Feb 2002, Poppi, Sandro wrote:
>
> > Choosing the custom option is ok but DON'T install all 
> packages! As a snort
> > box is a "security device" you should only install the 
> minimal things needed
> > to run and administer snort, e.g. why should I install X, 
> KDE, Gnome? Don't
> > need it. Why installing telnet, r services or nfs, apache, 
> ...? Don't need
> > it. Install openssh instead of telnet.
> >
> > And always watch for security updates!
> >
> > Any package installed could open your box for well-known 
> vulnerabilities.
> > Also streamlining the kernel for performance issues is a 
> good thing (don't
> > forget to remove gcc afterwards, you don't need it anymore).
> >
> > Sandro
> > > I would recommend doing a custom install and chosing to 
> install all
> > > packages.  Stay away from the prebuilt options RedHat offers
> > > you unless
> > > you don't plan to use the machine much.
> > >
> > >  On Tue, 26 Feb 2002, CGI wrote:
> > >
> > > > What installation you are using for Snort in Red Hat,
> > > > Workstation or Server and why?
> > > >
> > > >
> > > > Thanks
> ______________________________________________________________________
> > > > Find, Connect, Date! http://personals.yahoo.ca
> > > >
> > > > _______________________________________________
> > > > Snort-users mailing list
> > > > Snort-users () lists sourceforge net
> > > > Go to this URL to change user options or unsubscribe:
> > > > https://lists.sourceforge.net/lists/listinfo/snort-users
> > > > Snort-users list archive:
> > > > http://www.geocrawler.com/redir-sf.php3?list=snort-users
> ---------------------------------------------------------------------
> > > Demetri Mouratis
> > > dmourati () linfactory com
> > >
> > >
> > > _______________________________________________
> > > Snort-users mailing list
> > > Snort-users () lists sourceforge net
> > > Go to this URL to change user options or unsubscribe:
> > > https://lists.sourceforge.net/lists/listinfo/snort-users
> > > Snort-users list archive:
> > > http://www.geocrawler.com/redir-sf.php3?list=snort-users
>
> ---------------------------------------------------------------------
> Demetri Mouratis
> dmourati () linfactory com

_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users