Scheduled Maintenance: We are aware of an issue with Google, AOL, and Yahoo services as email providers which are blocking new registrations. We are trying to fix the issue and we have several internal and external support tickets in process to resolve the issue. Please see: viewtopic.php?t=158230

 

 

 

Security Section

Code of conduct, suggestions, and information on forums.debian.net.
Post Reply
Message
Author
mikazo
Posts: 6
Joined: 2009-09-02 15:02

Security Section

#1 Post by mikazo »

I've been browsing around the web for a good place to discuss server administration and security, and Debian User Forums seemed as good as any, since that's what I'm running on my server. However, I'm surprised to see there's no designated "Security" forum. Security is important, whether it's for a server or workstation and it would be good to have a place for others to learn and discuss security practices, issues, share what's went wrong/worked well in the past and so on. Anyone else agree?

User avatar
Raffles10
Posts: 191
Joined: 2008-12-09 16:36
Location: London, UK

Re: Security Section

#2 Post by Raffles10 »

Not really. Depends what you're doing with your computer, I would guess that most users are running basic desktop systems and doing basic stuff: email, browsing web, multimedia, etc. Security isn't really an issue at home, we're not using windows so no great danger from viruses, trojans, etc. In the workplace or any public place there are issues of privacy, but not many of us get to use Debian at work. :(

So generally speaking security is not such a big deal for most Linux users. It's one of the advantages of Linux, how much software do you need to keep windows safe these days? :lol:
Debian Squeeze + KDE 4.4.4 + AMD Athlon™ 64 X2 Dual Core Processor 6000 + nVidia GeForce 8600

User avatar
craigevil
Posts: 5391
Joined: 2006-09-17 03:17
Location: heaven
Has thanked: 28 times
Been thanked: 39 times

Re: Security Section

#3 Post by craigevil »

What security? I run sid, which was installed back around the time Sarge was released. Other than disallowing remote logins and using a router I haven't had to do anything to keep my system secure. Just for curiousity's sake I run rkhunter ever couple of months and have never found anything out of place.

Where as on my wife's laptop that runs Xp , I installed spyblaster, spy bot search and destroy, a hosts file, MS security essentials, and I scan it about once a month with one of the various online scanners. She uses Firefox with adblock plus, flashblock and noscript which seems to keep it pretty safe. Just making sure things like java, flash and other 3rd party apps stay updated is a pain, unlike my debian system where I do apt-get dist-upgrade every few days.
Raspberry PI 400 Distro: Raspberry Pi OS Base: Debian Sid Kernel: 5.15.69-v8+ aarch64 DE: MATE Ram 4GB
Debian - "If you can't apt install something, it isn't useful or doesn't exist"
My Giant Sources.list

smallchange
Posts: 1740
Joined: 2009-05-04 15:56
Been thanked: 1 time

Re: Security Section

#4 Post by smallchange »

Running sid and updating every few days certainly does make for a reasonable secure system, but is probably not the way to run a server. I would think that most security questions would fit in system configuration. A security section would be more sensible than a beginners section. Most here would welcome intelligent security posts.

mikazo
Posts: 6
Joined: 2009-09-02 15:02

Re: Security Section

#5 Post by mikazo »

smallchange wrote:Running sid and updating every few days certainly does make for a reasonable secure system, but is probably not the way to run a server. I would think that most security questions would fit in system configuration. A security section would be more sensible than a beginners section. Most here would welcome intelligent security posts.
I'm with smallchange, there's more to security than a firewall and some updates. I'm talking about real, high-level security, the type one might find a large enterprise (hopefully) employs. True, the average user doesn't worry much about security in Linux, but if you're running a server 24/7 that might be highly visible to attackers, you take security a little more seriously.

I myself run a Debian server from home, simply to practice security on, since I intend to make a career out of it one day. I'd enjoy the occasional intelligent security discussion.

Post Reply