On Friday 18 January 2002 01:48, BUNTER MATTHEW wrote: > --- Reçu de RVIDOI.BUNTERMA 04 72 96 57 77 18/01/02 09.48 > > All, > > I am by no means an expert but from past experience, reading advice from > far more experienced persons than myself and having to deal with budgets, I > sincerely believe that Linux machines can be made secure enough to reduce > the risk of compromise. > > This doesn't always involve 'sexy' security tools. Not having X, telnet, > printing, or mail on a server that doesn't provide that service to a > business goes a long way. Don't use a Mack Truck when all you need is a VW > Beetle! Making sure sysadmins use tools like ssh (yes I know there have > been issues), ensure no generic accounts, good password rules, sudo > (ditto), processes for logging;, clearly defined roles and > responsibilities, and the list goes on. ><snip> I tend to agree. Since switching all our offices over to Linux last June, we have been adhering to a policy that each box has what it needs and nothing more. We have one exception at a remote office that runs solely on solar power. There, due to power constraints, we have one box that must provide both server and workstation functions. We monitor it very closely. -- Robin Lynn Frank Director of Operations Paradigm-Omega, LLC ============================================================ For security reasons, no attachments or HTML content will be accepted. ============================================================ Copyright © 2002. All rights reserved. Unauthorized reproduction or distribution is prohibited. ------------------------------------------------------------------------ To unsubscribe email security-discuss-request@linuxsecurity.com with "unsubscribe" in the subject of the message.