security recommendations

Arden yardcat at comcast.net
Sun Dec 17 06:22:58 PST 2006


On Dec 17, 2006, at 5:33 AM, Shawn wrote:

> On Saturday 16 December 2006 20:37, Arden wrote:
>> I am wondering what I really need to install for security on my new
>> LFS system.
>> I am the only user,
>> connected behind a router to the internet,
>> will be used for graphics, email, web,
>> and connect to my local network.
>>
>> Is PAM necessary? Tripwire? Kerberos? I would like to hear your
>> recommendations or comments.
>> Arden
>
> Hi Arden:
>
> I'm the same as you. I run a desktop system.
>
> I use PAM, iptables, and clamav for anti-virus.
> I also keep up to date on security alerts. See:
> http://www.us-cert.gov
>
> Shawn
>
On Dec 17, 2006, at 1:02 AM, Simon Geard wrote:
> --  
>> I think installing PAM is a good idea - not because it provides
>> additional security, but because the framework it provides is  
>> gradually
>> becoming a requirement of other projects. For example, the HAL
>> developers have introduced a desktop security framework called  
>> PolicyKit
>> which depends on PAM - the next version of HAL won't require this,  
>> but
>> future versions will. So installing PAM is probably a good idea.
>>
>>
>> For the others, I'd not bother. My machine runs an iptables  
>> firewall and
>> is behind a firewalled router, so I regard intrusion detection like
>> Tripwire to be unnecessary. And Kerberos is unlikely to be needed  
>> on a
>> home machine - it's total overkill for securing your own machine, and
>> probably not needed for accessing others either.
>>
>> Simon.

Thanks Shawn and Simon, your thoughts are appreciated. I may install  
PAM for that reason. You have confirmed what I had been thinking.

Arden



More information about the blfs-support mailing list