On 10/06/2014 04:20 AM, Richard Owlett wrote: > I'm a relatively new convert from Windows to Debian... > I'm looking for a reference document that wouldn't scare my friend off > Debian and also give me the required information to: > 1. close the maximum number of ports. > I see him using browser, email, ftp file downloading. > I don't see him being a server. All incoming packets should be to > fulfill a previous outgoing request - [correctly phrased?]. https://wiki.debian.org/iptables should be as much as you need to accomplish this. It will walk you through setting up a basic, restrictive iptables ruleset with optional allowed inputs for services. What it does not do is explain what iptables is for, what packets are, why they need filtering, et cetera. I don't know that there's such an introductory page on the wiki, but if one does not exist I'd be happy to collaborate with you on making one. Feel free to contact me off-list if you'd like.
> 2. list of daemons/services/??? that should be disabled or not installed. It depends on what your friend will do with his computer, and it would likely be easier to list the few services which *should* be installed. Off the top of my head: rpcbind, udevd, syslogd, getty, your diplay manager if any. Probably others depending on use. Any service you're not currently using should be disabled. Any service you won't use should not be installed. If you're going to advise someone else, particularly a newcomer to Debian, please read the manuals, particularly https://www.debian.org/doc/manuals/debian-reference/ It's a lot of reading, and I'm not saying you need to read it all before you do or say anything- but most of your questions will be answered there, and having read it, you'll know better which questions to ask. Good luck, and have fun! -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: https://lists.debian.org/m109ql$fak$1...@news.albasani.net
