[buug] Linux Security Site

Zeke Krahlin ezekielk at iname.com
Wed Feb 16 01:11:55 PST 2000 

Hi Rick Moen, you wrote on 2/15/2000 4:40:53 PM:

>Hmm.  You may be onto something, there.  It should be a lot easier to
>harden a workstation than a server.

I suppose that, connecting any box to the Internet, pretty much opens up a 
can of security worms...more so than just a LAN. So what I'll do, then, is 
get all the security issues down pat, and come up with a system, a 
"package", where I can quickly set up a client's PC to be maximally secure. 
I will *not be working on office networks, or any connected systems...other 
than a single PC connected to the Internet.

My hunch is, though, that about 50% of the security issues would be 
eliminated, if the only networking will be with an Internet connection.

>But that would be a very sad situation, indeed -- in which the user
>wouldn't get to see what's distinctively good about Linux.  You'd
>be trying to fit Linux into a Windows-sized box, which just isn't
>the way to make it shine.  

Linux might shine as a fully functioning network system...but those aren't 
the clients I work with: I work strictly with stand-alone PCs, most at 
people's homes...where they don't *want a network. Other than the Internet, 
of course. So I'd have to shut down all servers as part of my security 
settings. These are not clients who want to run a web host, ftp host, or 
any other kind of server. They just want to get away from the Windoze OS; 
and Linux is the way to go, for most of them.

Naturally, I am aware that I am speaking from a semi-clueless point of 
view, and do not yet grasp fully, your perspective. In other words: I must 
RTFM re. Linux security and administration, as well as post questions.

>Of course, people are afraid of LANs.  That's the other obstacle I 
>try to help them overcome.

I'd love to set up two PCs, per your suggesion (one a Linux box, 
totally)...but my consideration is *space, as I occupy a single room. I do 
have a P120 in storage...which I could set up as the Linux box...but the 
only way I'd do that, space-wise, is to share one monitor and modem between 
the two. I already have a split cable for the modem, but I'd need one for 
the monitor, too. I already have the spare HD, VGA card, and even sound 
card (all Linux compatible).

Well, at *least my Windoze98 and Mandrake 6.1 reside on separate hard 
drives. The *only thing keeping me from going *full steam ahead* on Linux, 
and removing 80% of all my Windoze software, is the security 
issue...because *most of my PC activities are on the Internet. I am 
otherwise quite at home running word processors, browsers, image editors, 
etc. on a Linux system.

I have begun cracking the Linux security books, and will come back with 
some questions which, I hope, will not be as clueless as my present ones. 
And I also hope that I can eventually serve as a bridge between newbies and 
wizards, in our group...so that the experts won't become exhausted by 
newbie questions, in that I, perhaps, can provide some answers and 
directions, too.

I'll take notes!

---
FreeISP Cubs BBS & Chat
http://www5.50megs.com/fnc
---
Toll-free voice/fax mailbox (USA only):
1-888-830-5746 (ext. 8275)
ICQ#: 8485235

More information about the buug mailing list