How secure is LFS?

Richard Clark rclark at cunning.com
Tue Feb 26 11:13:20 PST 2002


I went with LFS for security, because I know exactly what I installed, I
know exactly what is on my system to be exploited.

I have Apache, Bind, Postfix, SSH, and QPopper.  
These are the only daemons running, and as long as I watch for security
reports, and keep them up to date, then I feel I am about as secure as I
can get.

I also follow the guidelines from TrinityOS
http://www.ecst.csuchico.edu/~dranch/LINUX/ and Bastile Linux
http://www.bastille-linux.org/ to help secure the system in general.

Now, that being said - Security is only as good as I make it.. If I am
lax, don't change the defaults, don't follow the security reports, and
don't patch and upgrade, then I will be just as open as any other
distro..

But at least it is MY fault :)

-RichardC

> -----Original Message-----
> From: Christoph R [mailto:linux.daemon at gmx.de]
> Sent: Tuesday, February 26, 2002 11:07 AM
> To: lfs-security at linuxfromscratch.org
> Subject: How secure is LFS?
> 
> 
> How secure is a LFS linux system (lets suppose you added some other
> progs
> like BIND, sendmail, Apache, cyrus-imap... and you are using it as a 
> internetserver for the according services)?
> 
> Or: how seucre can I get it and what is needed to do so?
> 
> 2nd or: How secure is it compared to security optimized distributions
> like "Engard Linux"?
> 
> 
> I would be glad if you could share some opinions with me.
> -- 
> Unsubscribe: send email to listar at linuxfromscratch.org
> and put 'unsubscribe lfs-security' in the subject header of 
> the message
> 
> 
-- 
Unsubscribe: send email to listar at linuxfromscratch.org
and put 'unsubscribe lfs-security' in the subject header of the message



More information about the lfs-security mailing list