Posted by: Anonymous Coward
on June 23, 2006 10:11 AM
There is not much to do to get *buntu (ubuntu even) up to advertised enterprise condition. With the focus now on flashy fun stuff...then the stuff that should have been done for dapper, is that now on the back burner?
Ok to use Linux with no Firewall..! Good joke! Funny...
But, if it was not joke...
Firewalls = at install need to be offered to the users who don't have any at all! The number one reason why Microsoft is launching the new battlestar is security. Ubuntu and it's family should have firewalls and full on SELinux all ON by default. Let the user turn then off... but, by default all security should be on (Fedora does this fairly well... and the K12LTSP, that is Fedora based, has this as part of the install as well)!
GO to this web site and do some homework. <a href="http://www.grc.com/" title="grc.com">http://www.grc.com/</a grc.com> (basics on security and the need for firewalls)! Hey then set up any *buntu distro and run the GRC "ShieldsUP" port testing tool (and see what happens next)! If they can see your ports, then they can probe your ports. Why advertise your ports as open? FIREWALLS need to be on by default. Ports need to be "stealth" rated by GRC testing. If you got basic networking built-in... you need to block stuff at the firewall... and if no network, then turn off networking functions (by default) and allow for them to be turned on manually... and then allow networking to happen locally... gee, even firestarter installed by default is ok (except my testing of Firestarter seems to have problems with LTSP install of Edubuntu). Any suggestions for an LTSP friendly Edubuntu Firewall for the LTSP machine (installed with 2 NICS)?
Not everyone in the work can afford hardware firewalls... and I once had old modem activity and someone was building a virtual hard drive in RAM (Win98) while the computer was sitting there doing nothing (external modem lights were flashing like crazy so I check it out and watched the intruder and had some fun). LINUX is software, software is not secure by fault (read: Secrets and Lies by Bruce Schneier, source info here: <a href="http://www.counterpane.com/sandl.html" title="counterpane.com">http://www.counterpane.com/sandl.html</a counterpane.com> "Information security expert Bruce Schneier explains what everyone in business needs to know about security in order to survive and be competitive. Pragmatic, interesting, and humorous, Schneier exposes the digital world and the realities of our networked society. He examines the entire system, from the reasons for technical insecurities to the minds behind malicious attacks. You'll be guided through the security war zone, and learn how to understand and arm yourself against the threats of our connected world")!
Learn about Linux
Download Linux
Get Linux help
You jest? No firewall at install is ok! Funny.
Posted by: Anonymous Coward on June 23, 2006 10:11 AMOk to use Linux with no Firewall..! Good joke! Funny...
But, if it was not joke...
Firewalls = at install need to be offered to the users who don't have any at all! The number one reason why Microsoft is launching the new battlestar is security. Ubuntu and it's family should have firewalls and full on SELinux all ON by default. Let the user turn then off... but, by default all security should be on (Fedora does this fairly well... and the K12LTSP, that is Fedora based, has this as part of the install as well)!
GO to this web site and do some homework.
<a href="http://www.grc.com/" title="grc.com">http://www.grc.com/</a grc.com> (basics on security and the need for firewalls)! Hey then set up any *buntu distro and run the GRC "ShieldsUP" port testing tool (and see what happens next)! If they can see your ports, then they can probe your ports. Why advertise your ports as open? FIREWALLS need to be on by default. Ports need to be "stealth" rated by GRC testing. If you got basic networking built-in... you need to block stuff at the firewall... and if no network, then turn off networking functions (by default) and allow for them to be turned on manually... and then allow networking to happen locally... gee, even firestarter installed by default is ok (except my testing of Firestarter seems to have problems with LTSP install of Edubuntu). Any suggestions for an LTSP friendly Edubuntu Firewall for the LTSP machine (installed with 2 NICS)?
Not everyone in the work can afford hardware firewalls... and I once had old modem activity and someone was building a virtual hard drive in RAM (Win98) while the computer was sitting there doing nothing (external modem lights were flashing like crazy so I check it out and watched the intruder and had some fun). LINUX is software, software is not secure by fault (read: Secrets and Lies by
Bruce Schneier, source info here:
<a href="http://www.counterpane.com/sandl.html" title="counterpane.com">http://www.counterpane.com/sandl.html</a counterpane.com>
"Information security expert Bruce Schneier explains what everyone in business needs to know about security in order to survive and be competitive. Pragmatic, interesting, and humorous, Schneier exposes the digital world and the realities of our networked society. He examines the entire system, from the reasons for technical insecurities to the minds behind malicious attacks. You'll be guided through the security war zone, and learn how to understand and arm yourself against the threats of our connected world")!
#