On Friday 18 January 2002 01:48, BUNTER MATTHEW wrote:
> --- Reçu de RVIDOI.BUNTERMA 04 72 96 57 77 18/01/02 09.48
>
> All,
>
> I am by no means an expert but from past experience, reading advice from
> far more experienced persons than myself and having to deal with budgets, I
> sincerely believe that Linux machines can be made secure enough to reduce
> the risk of compromise.
>
> This doesn't always involve 'sexy' security tools. Not having X, telnet,
> printing, or mail on a server that doesn't provide that service to a
> business goes a long way. Don't use a Mack Truck when all you need is a VW
> Beetle! Making sure sysadmins use tools like ssh (yes I know there have
> been issues), ensure no generic accounts, good password rules, sudo
> (ditto), processes for logging;, clearly defined roles and
> responsibilities, and the list goes on.
><snip>
I tend to agree. Since switching all our offices over to Linux last June, we
have been adhering to a policy that each box has what it needs and nothing
more. We have one exception at a remote office that runs solely on solar
power. There, due to power constraints, we have one box that must provide
both server and workstation functions. We monitor it very closely.
--
Robin Lynn Frank
Director of Operations
Paradigm-Omega, LLC
============================================================
For security reasons, no attachments or HTML content will be accepted.
============================================================
Copyright © 2002. All rights reserved. Unauthorized reproduction or
distribution is prohibited.
------------------------------------------------------------------------
To unsubscribe email security-discuss-request@linuxsecurity.com
with "unsubscribe" in the subject of the message.
