Thank you for being a valued part of the CNET community. As of December 1, 2020, the forums are in read-only format. In early 2021, CNET Forums will no longer be available. We are grateful for the participation and advice you have provided to one another over the years.

Thanks,

CNET Support

General discussion

Linux Security Expert Defends Debian

Dec 3, 2003 5:23PM PST

Debian Project leaders did a good job before and after a breach that took down their servers Nov. 21 said Jay Beale, lead developer on the Bastille Linux project and a consultant at JJB Security Consulting & Training.

Beale told internetnews.com it's impossible to secure any server connected to the Internet, and it's even more difficult for an open source project like Debian, which has a large group of developers accessing the servers. The steps Debian project administrators took before the breach helped slow down the damage the attacker was able to cause before detection.

"The Debian project has been pretty smart and made their machines more restrictive than others based on its purpose," he said. "That was a really good move - taking machines, and considering their purpose and configuring them so they only allow what access to what people should be required for that purpose. That specialization is one of the best things you can do to protect servers."

http://www.internetnews.com/dev-news/article.php/3116231

Discussion is locked