Quote:
Originally Posted by DavidU
Now thats cool Dave  |
It is. Computer security is a very interesting topic, no matter what o/s you use. The principles for securing a system are the same, but UNIX and other UNIX like systems have a good, solid head start over Windows, simply because their primary design ideals have been for security and reliability, not ease of use. Ease of use is nice, but it will always result in trade offs on security/reliability imho. It's a fine line to walk. OS X does a nice job of it imho.
You could get really crazy and run stuff like freeBSD with jails, or Linux with chroots, or Solaris with zones and tie them down very tightly.
The debian guide was really just to show the basics of securing a system and if a system has been compromised, imho, the best way of dealing with it is blowing it away. You simply cannot be 100% sure that software will find every bit of trash
I wish it was that easy.
That said, Geoff has good points - these automated software cleanups will get rid of *most* of the junk, possibly all. There are some good books on the subject of computer security, and it's fun to read. Knowing what black hats get up to can sometimes help you learn how to tighten your system down. The fact that I work in the business only adds to the importance of learning about computer security imho.
Dave