[blfs-support] How to decide which scurity packages to install?
bruce.dubbs at gmail.com
Mon Jul 9 12:19:12 PDT 2012
Yasser Zamani wrote:
> Hi There,
> Unfortunately I do not know what does each package provide in section
> "4. Security" except network firewalls which I understand and would
> like to use.
> I've done the LFS in my personal laptop. The laptop is not included
> any network and just connects to Internet by static IP via a DSL
> modem. I myself is only the user of the laptop alone.
> So according to these conditions, do you recommend to install all "4.
> Security"'s packages one by one? If not so, any resource can help me
> to decide what to install and what to skip? Does installing all of
> them make the feauture work hard to do? I mean it's a single-user
> personal laptop (and I am a developer and experienced enough with
> computer systems to not break down them) So I would not like that LFS
> ask password sequencely for small jobs. My Internet connection is the
> only risk point, I think.
The security packages are a personal choice, but also depend on what you
need. I personally use openssh (needs openssl) a lot. I also use sudo.
If you use a browser, you probably need certificates.
Beyond that, I think it depends on need. Several packages want some of
the security programs as dependencies. For a laptop without any servers
running, you probably do not need iptables. I personally don't like PAM
and find TCP Wrappers unnecessary. Using GnuPG depends on whether you
want to encrypt files/do encrypted signatures, etc or not.
Some people are paranoid when it comes to computer security. Actually,
the amount of security depends on what you are protecting. If you leave
things like passwords, accoount numbers, or sensitive documents, on your
system, then you need to think about what happens if your laptop gets
More information about the blfs-support