Date: Wed, 13 Jul 2016 12:25:21 +0200 (CEST) From: Simon Krenz <simon.krenz@mailbox.org> To: Steve Clement <steve@localhost.lu> Cc: freebsd-security@freebsd.org Subject: Re: FreeBSD - a lesson in poor defaults? Message-ID: <429620683.344.1468405521739@office.mailbox.org> In-Reply-To: <300EEE78-1BF1-460E-ABDD-8EA5C4809941@localhost.lu> References: <20160713073859.GA88448@localhost.lu> <57860275.404@obluda.cz> <300EEE78-1BF1-460E-ABDD-8EA5C4809941@localhost.lu>
index | next in thread | previous in thread | raw e-mail
IMHO I can agree with most of the statements written down in this text. I can not understand why I need ntpd or sendmail activated in default installations. If I want to setup a time server or a mail server with further abilities I can install them later on. Most of the installations don't need such features. I don't think that the majority of servers do need threaded AES-CTR or NONE ciphers also. For me a installation should be a minimum set of features and a secure one as well. For all further things I need to know what I want and can install them. This has nothing to do with: >If you need hardening, you should always check and know your system. because also if you don't need hardening you should always check and know your system. >I assume the virgin installed system will be ready to be remotely >configured (e.g. sshd running, no firewall). This will be as well with minimum sshd configuration and firewall activated. >If we can assume that this About blob from the FreeBSD site is it’s mission statement: “””” >https://www.freebsd.org/about.html What is FreeBSD? FreeBSD is an operating system for a variety of >platforms which focuses on features, speed, and stability. It is derived from BSD, the version of >UNIX® deve… And thats the problem, there is no word about security in this mission statement, but maybe it should be there in the actual word. Just my 2 centshome | help
Want to link to this message? Use this
URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?429620683.344.1468405521739>