Re: Starting new project "OpenBSD Bastille" - was Create a canned "Firewall Build"

[Tobias Weingartner <weingart@natasha.tepid.org>]

On Thursday, February 21, "Joerg Kuetemeier" wrote:
> 
> On the one hand we shall give newbies the chance to learn, why to deactivate
> them and how, on the other hand we shall give stressed sysadmins the tools
> to do it in some seconds.

Type 'man mg', 'man vi', 'man ed', 'man sed', 'man grep', 'man
kill', 'man inetd', and 'man inetd.conf'.  That should get you
started down the road to finding a solution which will turn off
those things in the "some" seconds you requested.

We ain't windows, we will not have a "click here" button to do
everything for you.


> I know security is always a term of progress and
> shall not be done by script-kiddies... so far in therory. But look around
> you: people are spreading a lot of money for commercial software they don't
> know anything of but slogans like "we give you the 100% secure system with
> one button".

Exactly, we don't claim to have one button.  Use the tools unix
gave you.  Learn how to use them.  They will reduce your stress
levels.


> Most of the sysadmins I know, don't even have time think about
> security - it's fatal, I know - but I feel it's like normal, today.

That's quite irresponsible.  Then I'd say you (or they) have comming
to yourself (or them) whatever comes down the pike.  That's like saying
that you know lots of people that drive cars, and they don't have time
to think about safety.  (That may be true, defensive drivers are rare
in today's society).


--Toby.
[100~Plax]sb16i0A2172656B63616820636420726568746F6E61207473754A[dZ1!=b]salax