Security: There are three open ports on a new installation of Debian 6. These are port 25 (SMTP – Simple Mail Management Protocol), 111 (rpcbind port), and 631 (Internet Printing Protocol port). There is no firewall script in the init directory to start/stop the built-in firewall. There are at least a dozen firewall scripts and graphical firewall applications in the repository that you can install to protect your system. One of those scripts is the same firewall application available on Ubuntu and Ubuntu-based distributions. I am, of course, referring to ufw, the Uncomplicated FireWall, and its graphical interface – Gufw. While Gufw is simple to use, it lacks many useful features available in the graphical firewall applications on Fedora or Mandriva. Installing NuFW and its related programs provide a better firewall protection for your system than Gufw does.
Mandatory Access Control (MAC) programs available in the repository are SELinux and Tomoyo Linux. Although not as well known as SELinux, Tomoyo Linux, an NTT Data Corporation-sponsored project, provides MAC and system analysis services. It is said to be more noob-friendly than SELinux and AppArmor, a MAC program sponsored by Canonical, the parent company of Ubuntu.
Suggestions: Because of the Debian Free Software Guidelines, a Debian distribution is never going to meet your desktop computing needs out-of-the-box. You will have to spend sometime adding alternate repos to your sources.list file, and installing several non-free packages. Nothing I write or suggest here is going to change that. There are, however, a few aspects of a new Debian 6 installation that could be improved, which have nothing to do with software licensing. If implemented, these suggestions should make a default installation of Debian better than it is now.
- Like the Fedora and Pardus 2011 installer, the Debian Installer should be designed to enforce a minimum password length for the root and user account passwords. Allowing a user to specify a 1-character password encourages sloppy security behavior.
- Out of the box, every distribution should have a firewall installed and configured. And it makes no difference whether the computer is sitting behind a network firewall or not. There is no good excuse for why a default installation of Debian should not have a security posture on par with that of, say, Fedora and Mandriva. The necessary applications are in the repository.
Resources: You may download 32-bit and 64-bit standard, Live or netinst ISO images of Debian 6.0 here.
Screenshots: View a few more screenshots from my test installation of Debian 6.0.
Debian 6 desktop showing the games installed out of the box.
Internet applications installed by default on Debian 6.
Debian 6.0 desktop showing the applications in the System Tools menu category.
Other system management applications installed by default on Debian 6.0.
For some reason a part of me still wants to give Debian another chance, but I just don’t know what to choose, all I do is surf the web and listen to music/watch videos on my HP Mini netbook, so which one is good for me? Linux Mint Debian Edition or Debian Squeeze?
Debian Squeeze will require some tweaking, installing extra codecs to do some of the stuff you want to use the computer for.
LMDE is still a work in progress. If you want to stick with Debian-based distributions Linux Mint might be your best choice.
Im those kind of people that is willing to learn and thats why i wanna try squeeze, but maybe i can ease myself first with LMDE and its Testing repos, then later on i can go to Squeeze and learn more! well thanks =D
Did anyone else have a grub problem? Using a CD installation disc I installed 6.0.0 with server packages over a recent 5.x.x installation on a dual boot test machine – winXP on a 60Gb HD and Linux on a separate physical 40Gb HD. Grub no longer sees the XP OS at all. I repeated it with no server packages (for speed really) – same result. I haven’t tried to fix it yet, wonder whether this has occured elsewhere
Nope. I’ve done installs using a CD-sized ISO, but not in a dual-boot setting.
The issues is not with the packages selected for installation, but likely with the installation image.
You are right about packages, I was just reporting info. I put 6.0.0 on another box, dual 3GHz processor, 160Gb HD, 1Gb RAM, no dual boot, and have some instances of generally reliable music packages crashing (Rosegarden, perhaps some Jack stuff but hard to tell yet whether that was just compromised), seems there’s a way to go yet. But it’s pretty good.
Well, you have done the same mistake as everyone of us, by getting caught to the hurried release on the 6th. The Debian website doesn’t direct you to a link of Live DVD…So, everyone gets caught. Even today the Debian website won’t direct you to the Live DVD.
Otherwise, you and me and lot of Debian wanted guys would not have wasted so much time installing it. The Live DVD downloads in the back ground and we could have done some other work in the mean time. The Debian team had never announced the release of the Live DVD, did they? Pretty mean, eh?
Rather than install a firewall by default, the Debian install should just avoid listening on any ports by default.
Volatile repository has been discontinued in Squeeze and It has been replaced by the suite squeeze-updates on the official mirrors.
http://lists.debian.org/debian-volatile-announce/2011/msg00000.html
Interesting. I just completed an installation about an hour ago, and still ran into the same problem.
But thanks. The link gave the solution. I have not tried it, but here it is, if you have ran into the same issue:
Add this entry to /etc/apt/sources.list
deb http://ftp.debian.org/debian squeeze-updates main
Don’t forget to run apt-get update afterwards.