* Norbert Preining wrote on Tue, Aug 22, 2000 at 09:20 +0200:
On Tue, 22 Aug 2000, Thomas Biege wrote:
If people use the tools we deliver with SuSE + their brains (note: we don't ship brains with SuSE), then they could get a very secure system within a short time of work.
This is NOT a good idea. Either the default install (and the default install for most people is `ALL') enables all the services, which IS crazy! No idea why identd, and similar have to run on a dialin machine?
I think, if you're a more experienced user, you will have no problem with disabling services. If you have a lot of machines, the just generate a patch (or patch-set), and a little script that uses SSH to patch or somethink similar, you know. If you're a "newbee" you probably want to take just a look. newbees don't know how to disable services (this is not linux specific, and a GUI frontend won't help; see i.e. NT: most boxes have unused services). They just want features. To explain a newbee how to enable a service could take serveral minutes for the hotline. An experienced user isn't needing such help. For me the default config does not matter very much. Patch is installed anyway, so it takes some seconds to get a new config :) IMHO. oki, Steffen -- Dieses Schreiben wurde maschinell erstellt, es trägt daher weder Unterschrift noch Siegel.