Scheduled Maintenance: We are aware of an issue with Google, AOL, and Yahoo services as email providers which are blocking new registrations. We are trying to fix the issue and we have several internal and external support tickets in process to resolve the issue. Please see: viewtopic.php?t=158230
Security Section
Security Section
I've been browsing around the web for a good place to discuss server administration and security, and Debian User Forums seemed as good as any, since that's what I'm running on my server. However, I'm surprised to see there's no designated "Security" forum. Security is important, whether it's for a server or workstation and it would be good to have a place for others to learn and discuss security practices, issues, share what's went wrong/worked well in the past and so on. Anyone else agree?
Re: Security Section
Not really. Depends what you're doing with your computer, I would guess that most users are running basic desktop systems and doing basic stuff: email, browsing web, multimedia, etc. Security isn't really an issue at home, we're not using windows so no great danger from viruses, trojans, etc. In the workplace or any public place there are issues of privacy, but not many of us get to use Debian at work.
So generally speaking security is not such a big deal for most Linux users. It's one of the advantages of Linux, how much software do you need to keep windows safe these days?
So generally speaking security is not such a big deal for most Linux users. It's one of the advantages of Linux, how much software do you need to keep windows safe these days?
Debian Squeeze + KDE 4.4.4 + AMD Athlon™ 64 X2 Dual Core Processor 6000 + nVidia GeForce 8600
- craigevil
- Posts: 5391
- Joined: 2006-09-17 03:17
- Location: heaven
- Has thanked: 28 times
- Been thanked: 39 times
Re: Security Section
What security? I run sid, which was installed back around the time Sarge was released. Other than disallowing remote logins and using a router I haven't had to do anything to keep my system secure. Just for curiousity's sake I run rkhunter ever couple of months and have never found anything out of place.
Where as on my wife's laptop that runs Xp , I installed spyblaster, spy bot search and destroy, a hosts file, MS security essentials, and I scan it about once a month with one of the various online scanners. She uses Firefox with adblock plus, flashblock and noscript which seems to keep it pretty safe. Just making sure things like java, flash and other 3rd party apps stay updated is a pain, unlike my debian system where I do apt-get dist-upgrade every few days.
Where as on my wife's laptop that runs Xp , I installed spyblaster, spy bot search and destroy, a hosts file, MS security essentials, and I scan it about once a month with one of the various online scanners. She uses Firefox with adblock plus, flashblock and noscript which seems to keep it pretty safe. Just making sure things like java, flash and other 3rd party apps stay updated is a pain, unlike my debian system where I do apt-get dist-upgrade every few days.
Raspberry PI 400 Distro: Raspberry Pi OS Base: Debian Sid Kernel: 5.15.69-v8+ aarch64 DE: MATE Ram 4GB
Debian - "If you can't apt install something, it isn't useful or doesn't exist"
My Giant Sources.list
Debian - "If you can't apt install something, it isn't useful or doesn't exist"
My Giant Sources.list
-
- Posts: 1740
- Joined: 2009-05-04 15:56
- Been thanked: 1 time
Re: Security Section
Running sid and updating every few days certainly does make for a reasonable secure system, but is probably not the way to run a server. I would think that most security questions would fit in system configuration. A security section would be more sensible than a beginners section. Most here would welcome intelligent security posts.
Re: Security Section
I'm with smallchange, there's more to security than a firewall and some updates. I'm talking about real, high-level security, the type one might find a large enterprise (hopefully) employs. True, the average user doesn't worry much about security in Linux, but if you're running a server 24/7 that might be highly visible to attackers, you take security a little more seriously.smallchange wrote:Running sid and updating every few days certainly does make for a reasonable secure system, but is probably not the way to run a server. I would think that most security questions would fit in system configuration. A security section would be more sensible than a beginners section. Most here would welcome intelligent security posts.
I myself run a Debian server from home, simply to practice security on, since I intend to make a career out of it one day. I'd enjoy the occasional intelligent security discussion.