Subject: Re: inetd.conf [firstname.lastname@example.org: CVS commit: basesrc]
To: NetBSD Networking Technical Discussion List <email@example.com>
From: Hal Murray <firstname.lastname@example.org>
Date: 06/06/2000 15:06:33
I think the key step is to have a document that describes "everything"
in this area.
You can either setup the system so that it is secure and have the
document describe what services are available and how to turn them
on, or you can setup things so that the system is insecure and describe
how to secure it (by turning things off).
My vote would be for the default configuration to be secure - AND
to have the how-to-turn-things-on document full of warnings about
the dangers/risks of each service.
How hard would it be to make the install scripts setup a root password?