Security: There are three open ports on a new installation of Debian 6. These are port 25 (SMTP – Simple Mail Transfer Protocol), 111 (rpcbind port), and 631 (Internet Printing Protocol port). There is no firewall script in the init directory to start/stop the built-in firewall. There are at least a dozen firewall scripts and graphical firewall applications in the repository that you can install to protect your system. One of those scripts is the same firewall application available on Ubuntu and Ubuntu-based distributions. I am, of course, referring to ufw, the Uncomplicated FireWall, and its graphical interface – Gufw. While Gufw is simple to use, it lacks many useful features available in the graphical firewall applications on Fedora or Mandriva. Installing NuFW and its related programs provides better firewall protection for your system than Gufw does.
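An open port only exposes the machine to the network when its listener is bound to a non-loopback address, so the three ports above are worth checking individually. The script below is an added example, not part of the original review: it classifies listeners from `ss -ltn` output, and the sample input, the variable name and the function names are constructed for illustration rather than captured from a Debian 6 host.

```shell
#!/bin/sh
# Classify TCP listeners from `ss -ltn` output: which accept connections
# from the network, and which are bound to loopback only.
# Live use: ss -ltn | exposed_ports

# Constructed sample in `ss -ltn` column layout (not from a real host).
SAMPLE_SS='State   Recv-Q  Send-Q  Local Address:Port  Peer Address:Port
LISTEN  0       128     0.0.0.0:111         0.0.0.0:*
LISTEN  0       20      127.0.0.1:25        0.0.0.0:*
LISTEN  0       5       127.0.0.1:631       0.0.0.0:*
LISTEN  0       128     [::]:111            [::]:*
LISTEN  0       20      [::1]:25            [::]:*'

# exposed_ports: read `ss -ltn` output on stdin and print the sorted,
# unique ports that have a listener on a non-loopback address.
exposed_ports() {
    awk '
        $1 == "LISTEN" {
            local_addr = $4
            n = split(local_addr, parts, ":")
            port = parts[n]                    # port follows the last colon
            addr = substr(local_addr, 1, length(local_addr) - length(port) - 1)
            gsub(/^\[|\]$/, "", addr)          # strip IPv6 brackets
            if (addr ~ /^127\./ || addr == "::1") next
            print port
        }' | sort -nu | tr '\n' ' ' | sed 's/ $//'
}

# loopback_only_ports: ports with listeners, none reachable off-host.
loopback_only_ports() {
    input=$(cat)
    exposed=" $(printf '%s\n' "$input" | exposed_ports) "
    printf '%s\n' "$input" |
        awk '$1 == "LISTEN" { n = split($4, p, ":"); print p[n] }' |
        sort -nu | while read -r port; do
            case "$exposed" in *" $port "*) ;; *) printf '%s ' "$port" ;; esac
        done | sed 's/ $//'
}

printf 'exposed: %s\n' "$(printf '%s\n' "$SAMPLE_SS" | exposed_ports)"
printf 'loopback-only: %s\n' "$(printf '%s\n' "$SAMPLE_SS" | loopback_only_ports)"
```

Ports reported as exposed are the ones a host firewall or a changed bind address needs to cover; loopback-only listeners are reachable only from the machine itself.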

Mandatory Access Control (MAC) programs available in the repository are SELinux and Tomoyo Linux. Although not as well known as SELinux, Tomoyo Linux, an NTT Data Corporation-sponsored project, provides MAC and system analysis services. It is said to be more noob-friendly than SELinux and AppArmor, a MAC program sponsored by Canonical, the parent company of Ubuntu.

Suggestions: Because of the Debian Free Software Guidelines, a Debian distribution is never going to meet your desktop computing needs out-of-the-box. You will have to spend some time adding alternate repos to your sources.list file, and installing several non-free packages. Nothing I write or suggest here is going to change that. There are, however, a few aspects of a new Debian 6 installation that could be improved, which have nothing to do with software licensing. If implemented, these suggestions should make a default installation of Debian better than it is now.

  • Like the Fedora and Pardus 2011 installer, the Debian Installer should be designed to enforce a minimum password length for the root and user account passwords. Allowing a user to specify a 1-character password encourages sloppy security behavior.
  • Out of the box, every distribution should have a firewall installed and configured. And it makes no difference whether the computer is sitting behind a network firewall or not. There is no good excuse for why a default installation of Debian should not have a security posture on par with that of, say, Fedora and Mandriva. The necessary applications are in the repository.

Resources: You may download 32-bit and 64-bit standard, Live or netinst ISO images of Debian 6.0 here.

Screenshots: View a few more screenshots from my test installation of Debian 6.0.

Debian 6 desktop showing the games installed out of the box.

Internet applications installed by default on Debian 6.

Debian 6.0 desktop showing the applications in the System Tools menu category.

Other system management applications installed by default on Debian 6.0.

12 Responses

  1. For some reason a part of me still wants to give Debian another chance, but I just don’t know what to choose, all I do is surf the web and listen to music/watch videos on my HP Mini netbook, so which one is good for me? Linux Mint Debian Edition or Debian Squeeze?

    1. Debian Squeeze will require some tweaking, installing extra codecs to do some of the stuff you want to use the computer for.

      LMDE is still a work in progress. If you want to stick with Debian-based distributions Linux Mint might be your best choice.

      1. I'm those kind of people that is willing to learn and that's why I wanna try Squeeze, but maybe I can ease myself first with LMDE and its Testing repos, then later on I can go to Squeeze and learn more! Well, thanks =D

  2. Did anyone else have a grub problem? Using a CD installation disc I installed 6.0.0 with server packages over a recent 5.x.x installation on a dual boot test machine – winXP on a 60Gb HD and Linux on a separate physical 40Gb HD. Grub no longer sees the XP OS at all. I repeated it with no server packages (for speed really) – same result. I haven’t tried to fix it yet, wonder whether this has occurred elsewhere.

    1. Nope. I’ve done installs using a CD-sized ISO, but not in a dual-boot setting.

      The issue is not with the packages selected for installation, but likely with the installation image.

      1. You are right about packages, I was just reporting info. I put 6.0.0 on another box, dual 3GHz processor, 160Gb HD, 1Gb RAM, no dual boot, and have some instances of generally reliable music packages crashing (Rosegarden, perhaps some Jack stuff but hard to tell yet whether that was just compromised), seems there’s a way to go yet. But it’s pretty good.

  3. Well, you have done the same mistake as everyone of us, by getting caught to the hurried release on the 6th. The Debian website doesn’t direct you to a link of Live DVD…So, everyone gets caught. Even today the Debian website won’t direct you to the Live DVD.

    Otherwise, you and me and lot of Debian wanted guys would not have wasted so much time installing it. The Live DVD downloads in the back ground and we could have done some other work in the mean time. The Debian team had never announced the release of the Live DVD, did they? Pretty mean, eh?

  4. Rather than install a firewall by default, the Debian install should just avoid listening on any ports by default.

    1. Interesting. I just completed an installation about an hour ago, and still ran into the same problem.

      But thanks. The link gave the solution. I have not tried it, but here it is, if you have run into the same issue:

      Add this entry to /etc/apt/sources.list

      deb http://ftp.debian.org/debian squeeze-updates main

      Don’t forget to run apt-get update afterwards.
