Partner links

bugreport

Security: There are three open ports on a new installation of Debian 6. These are port 25 (SMTP – Simple Mail Management Protocol), 111 (rpcbind port), and 631 (Internet Printing Protocol port). There is no firewall script in the init directory to start/stop the built-in firewall. There are at least a dozen firewall scripts and graphical firewall applications in the repository that you can install to protect your system. One of those scripts is the same firewall application available on Ubuntu and Ubuntu-based distributions. I am, of course, referring to ufw, the Uncomplicated FireWall, and its graphical interface – Gufw. While Gufw is simple to use, it lacks many useful features available in the graphical firewall applications on Fedora or Mandriva. Installing NuFW and its related programs provide a better firewall protection for your system than Gufw does.

Mandatory Access Control (MAC) programs available in the repository are SELinux and Tomoyo Linux. Although not as well known as SELinux, Tomoyo Linux, an NTT Data Corporation-sponsored project, provides MAC and system analysis services. It is said to be more noob-friendly than SELinux and AppArmor, a MAC program sponsored by Canonical, the parent company of Ubuntu.

Suggestions: Because of the Debian Free Software Guidelines, a Debian distribution is never going to meet your desktop computing needs out-of-the-box. You will have to spend sometime adding alternate repos to your sources.list file, and installing several non-free packages. Nothing I write or suggest here is going to change that. There are, however, a few aspects of a new Debian 6 installation that could be improved, which have nothing to do with software licensing. If implemented, these suggestions should make a default installation of Debian better than it is now.

  • Like the Fedora and Pardus 2011 installer, the Debian Installer should be designed to enforce a minimum password length for the root and user account passwords. Allowing a user to specify a 1-character password encourages sloppy security behavior.
  • Out of the box, every distribution should have a firewall installed and configured. And it makes no difference whether the computer is sitting behind a network firewall or not. There is no good excuse for why a default installation of Debian should not have a security posture on par with that of, say, Fedora and Mandriva. The necessary applications are in the repository.

Resources: You may download 32-bit and 64-bit standard, Live or netinst ISO images of Debian 6.0 here.

Screenshots: View a few more screenshots from my test installation of Debian 6.0.

Debian 6 desktop showing the games installed out of the box.
desktop1

Internet applications installed by default on Debian 6.
desktop2

Debian 6.0 desktop showing the applications in the System Tools menu category.
desktop3

Other system management applications installed by default on Debian 6.0.
desktop4

Share:

Facebook
Twitter
Pinterest
LinkedIn

Partner links

Newsletter: Subscribe for updates

Subscribe
Notify of
guest
12 Comments
Inline Feedbacks
View all comments
George
George
12 years ago

For some reason a part of me still wants to give Debian another chance, but I just don’t know what to choose, all I do is surf the web and listen to music/watch videos on my HP Mini netbook, so which one is good for me? Linux Mint Debian Edition or Debian Squeeze?

George
George
Reply to  finid
12 years ago

Im those kind of people that is willing to learn and thats why i wanna try squeeze, but maybe i can ease myself first with LMDE and its Testing repos, then later on i can go to Squeeze and learn more! well thanks =D

chazza
chazza
13 years ago

Did anyone else have a grub problem? Using a CD installation disc I installed 6.0.0 with server packages over a recent 5.x.x installation on a dual boot test machine – winXP on a 60Gb HD and Linux on a separate physical 40Gb HD. Grub no longer sees the XP OS at all. I repeated it with no server packages (for speed really) – same result. I haven’t tried to fix it yet, wonder whether this has occured elsewhere

chazza
chazza
Reply to  finid
13 years ago

You are right about packages, I was just reporting info. I put 6.0.0 on another box, dual 3GHz processor, 160Gb HD, 1Gb RAM, no dual boot, and have some instances of generally reliable music packages crashing (Rosegarden, perhaps some Jack stuff but hard to tell yet whether that was just compromised), seems there’s a way to go yet. But it’s pretty good.

Ariya
Ariya
13 years ago

Well, you have done the same mistake as everyone of us, by getting caught to the hurried release on the 6th. The Debian website doesn’t direct you to a link of Live DVD…So, everyone gets caught. Even today the Debian website won’t direct you to the Live DVD.

Otherwise, you and me and lot of Debian wanted guys would not have wasted so much time installing it. The Live DVD downloads in the back ground and we could have done some other work in the mean time. The Debian team had never announced the release of the Live DVD, did they? Pretty mean, eh?

Anonymous
Anonymous
13 years ago

Rather than install a firewall by default, the Debian install should just avoid listening on any ports by default.

Debianero
Debianero
13 years ago

Volatile repository has been discontinued in Squeeze and It has been replaced by the suite squeeze-updates on the official mirrors.

http://lists.debian.org/debian-volatile-announce/2011/msg00000.html

Get the latest

On social media

Security distros

Hacker
Linux distros for hacking and pentesting

Crypto mining OS

Bitcoin
Distros for mining bitcoin and other cryptocurrencies

Crypto hardware

MSI GeForce GTX 1070
Installing Nvidia GTX 1070 GPU drivers on Ubuntu

Disk guide

LVM
Beginner's guide to disks & disk partitions in Linux

Bash guide

Bash shell terminal
How to set the PATH variable in Bash
Categories
Archives
12
0
Hya, what do you think? Please comment.x
()
x