Mailinglist Archive: opensuse-security (520 mails)

< Previous Next >
Re: AW: [suse-security] a little service question
Hi,

On Wed, 06 Dec 2000, Dustin Huptas wrote:
>I am surprised by this harsh answer of yours.

Sometimes life can get frustrating ...

>Until now I was convinced that
>a mailing list concerning security is to be used when someone has a
>security-related question. If all users on planet earth would be as "smart"
>as you are (seem to be) then we would not need such things as
>mailings-lists. There is always a point where man-pages and faq-lists do not
>seem to answer one´s question and then it is time to ask other users.

Your question is definitely a FAQ. You will find the answer in the
Linux Security HOWTO, and if you are following this mailing list
on a regular basis, or if you had gone through the mailing list archives
at www.suse.com, you would have found that questions like yours have
been already answered a gazillion of times, for example today, 6 days ago, ...

o.k. here's the answer hint: As a primer, read the Linux Security HOWTO
Another good starting point is the book
"Securing and Optimizing Linux: Red Hat Edition", which is available
as a 5.5MB download from
http://www.linuxdoc.org/LDP/gawlso/Securing-Optimizing-Linux-RH-Edition-1_3.pdf
Most of the topics covered there apply to all Linux distros.

>Or did
>I get the point wrong? You can be sure that I took the time to find the
>answer myself but I think it is not useful to reinvent the wheel over and
>over again

You're both wrong and right. That's what FAQs are good for:
Not reinventing the wheel. The only problem with FAQs is that
virtually nobody cares to read them.

>(as a german proverb goes, don´t know the english equivalent)!
>I would appreciate an answer from you and a statement from the list whether
>I was "allowed" to ask such a "stupid" question or not.

Of course you are allowed to ask stupid questions, but it does not
seem to me that you have spent too much effort for research either.

And stating that you already "wrap most services with tcpd" really
makes me curious why you shouldn't be able to shut off services
like "login" or "shell", as enabling the tcp wrapper requires at least
basic knowledge of /etc/inetd.conf ... ;-)

>Thank you
>
>Rgds Dustin Huptas

Regards,
Martin Leweling

--
Martin Leweling
Institut fuer Planetologie, WWU Muenster
Wilhelm-Klemm-Str. 10, 48149 Muenster, Germany
E-Mail (work): lewelin@xxxxxxxxxxxxxxx

< Previous Next >
References