[blfs-support] How to decide which scurity packages to install?

Bruce Dubbs bruce.dubbs at gmail.com
Mon Jul 9 12:19:12 PDT 2012


Yasser Zamani wrote:
>
>
> Hi There,
>
> Unfortunately I do not know what does each package provide in section
> "4. Security" except network firewalls which I understand and would
> like to use.
>
> I've done the LFS in my personal laptop. The laptop is not included
> any network and just connects to Internet by static IP via a DSL
> modem. I myself is only the user of the laptop alone.
>
> So according to these conditions, do you recommend to install all "4.
> Security"'s packages one by one? If not so, any resource can help me
> to decide what to install and what to skip? Does installing all of
> them make the feauture work hard to do? I mean it's a single-user
> personal laptop (and I am a developer and experienced enough with
> computer systems to not break down them) So I would not like that LFS
> ask password sequencely for small jobs. My Internet connection is the
> only risk point, I think.

The security packages are a personal choice, but also depend on what you 
need.  I personally use openssh (needs openssl) a lot.  I also use sudo. 
  If you use a browser, you probably need certificates.

Beyond that, I think it depends on need.  Several packages want some of 
the security programs as dependencies.  For a laptop without any servers 
running, you probably do not need iptables.  I personally don't like PAM 
and find TCP Wrappers unnecessary.  Using GnuPG depends on whether you 
want to encrypt files/do encrypted signatures, etc or not.

Some people are paranoid when it comes to computer security.  Actually, 
the amount of security depends on what you are protecting.  If you leave 
things like passwords, accoount numbers, or sensitive documents, on your 
system, then you need to think about what happens if your laptop gets 
stolen.


   -- Bruce



More information about the blfs-support mailing list