Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security FullDisclosure
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: [Full-Disclosure] Re: !SPAM! Automated ssh scanning

from [Ron DuFresne] Network Security [Permanent Link]
Subject: Re: [Full-Disclosure] Re: !SPAM! Automated ssh scanning
Date: Sat, 28 Aug 2004 21:42:29 -0500 (CDT) 
On Sat, 28 Aug 2004 gadgeteer@elegantinnovations.org wrote:


On Thu, Aug 26, 2004 at 03:14:27PM -0500, Ron DuFresne 
(dufresne@winternet.com) wrote:

Those do not make alot of difference, the key is not to accept any of the
defaults by any of these dists, pick and choose carefully which individual
packages you install.   I know redhat has dependancy hell with various
packages, from the experience of trying to do as minimal as possible an
install for a webhost while migrating from sunone on solaris to
apache/redhat on the mainframe awhile back.  I do not doubt that some of
these additional dists are wraught with the same issues.  But, I do know
that slackware's installation process has the ability for one to do
finegrained installs and to determine specifically individual packages
from each package set.


Just because slack does not prevent one from installing or not, whatever
packages one chooses does not mean there is no dependency issues.  They
are there and they will break things.



Agreed, but this offers one more then merely a 'default server/desktop'
choice in installs.  And dpenedencies tend to be made fairly clear in the
menu system for first installs.

Of course, I have always tended to not install various packages, even for
'feature rich blown installs' for my desktops, prefering to install source
<openssl, openssh, apache if I need a test server...>.

Production boxes tend to be single purpose systems, with minimal installed
for the objective at hand.  These  tend to be simpler and more efficient
to maintain, though often requires that  applications be built off of and
ported to the system offering resources to the public.

This goes hand in hand with your advice in the previous e-mail I read of
yours stating that one should not have to turn off what should not have
been installed in the first place <smile>.

Thanks,


Ron DuFresne
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
"Cutting the space budget really restores my faith in humanity.  It
eliminates dreams, goals, and ideals and lets us get straight to the
business of hate, debauchery, and self-annihilation." -- Johnny Hart
        ***testing, only testing, and damn good at it too!***

OK, so you're a Ph.D.  Just don't touch anything.

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html
[More with this subject...]




<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  [Full-Disclosure] Re: U.S. National Security Awareness Day (NSAD), gadgeteer
Next by Date:  [Full-Disclosure] RE: block all popups [google knockoff]; Re:, Jeremy Heslop
Previous by Thread:  [Full-Disclosure] Re: !SPAM! Automated ssh scanning, gadgeteer
Next by Thread:  Re: !SPAM! [Full-Disclosure] Automated ssh scanning, Richard Verwayen
Indexes:  [Date] [Thread] [Top] [All Lists]