[buug] Linux Security Site
rick at linuxmafia.com
Tue Feb 15 16:40:53 PST 2000
Hmm. You may be onto something, there. It should be a lot easier to
harden a workstation than a server.
However, there aren't any firm distinctions between workstation and
server, in Unix. A workstation operator decides he wants to publish
an NFS export, or put up a Web page, and suddenly it's a server for
that function. For that matter, if he runs X, he's already publishing
services potentially usable to anyone who can see his IP address.
> This would just be a stand-alone work station, with no network,
> not even local.
But that would be a very sad situation, indeed -- in which the user
wouldn't get to see what's distinctively good about Linux. You'd
be trying to fit Linux into a Windows-sized box, which just isn't
the way to make it shine. Think of it this way: Automobiles made
extremely poor horses, eh? It's only when people started thinking
of what cars do well that you'd _never think of on a horse_ that
their advantages became clear.
This is why I try to get people out of the one-computer mindset,
when they talk to me about Linux. I tell them: _Don't_ dual-boot
your Win9x box as a part-time Linux box. Instead, get somebody's
cast-off P90, run Linux on that, and make it furnish services to
you on a cheap local LAN (which can be as simple as a single crossover
cable and two $30 Tulip cards)..
Of course, people are afraid of LANs. That's the other obstacle I
try to help them overcome.
Cheers, Linux: It is now safe to turn on your computer.
rick (at) linuxmafia.com
More information about the buug