Debian has a system hardening metapackage that applies a number of settings and tools to make the system tougher to pop.
Should we install it by default? The whole thing or some subpackages?
1 Like
What would be the benefit?
Having loads of tools installed by default like intrusion detection software does not automagically make the system more secure in the slightest.
Or asked the other way around, which tools would be installed by default that would be useful to have them installed by default?
As for the “this package conflicts with insecure package, so they cannot be installed…” The harden-clients would conflict with tor-ctrl, because tor-ctrl depends on telnet. Having tools like telnet installed isn’t insecure per se. Depending on what one is using them for. It’s a useful tool for development. Making it difficult to install, looks at first view more than an annoyance than an improvement for most users who never heard of telnet. Maybe I am missing something here.
Related, not sure if applicable here:
[quote]What would be the benefit?[/quote
Probably not much. My idea was more auditing tools and tripwires would make hidden service attackers and their techniques more discoverable. I agree that Installing auditing software should probably be the choice and responsibility of someone who knows how to use it. For everyone else it would be overhead.
1 Like