[CentOS] Unknown rootkit causes compromised servers

Tue Jan 29 16:20:50 UTC 2008
Les Mikesell <lesmikesell at gmail.com>

Chris Mauritz wrote:
> Milton Calnek wrote:
>> If you don't like the defaults, get anaconda to change them for you.
>> Or write a script that you run shortly after install to make the 
>> changes for you.
> 
> That would be pretty amazing if at the end (or at the beginning) of the 
> install there was some checkbox that said something to the effect of:
> 
> "Would you like to maintain compatibility with upstream security 
> defaults or would you like to follow our more sensible recommendations 
> instead?"
> 
> And if the user chooses the latter, a much more secure default 
> configuration could be applied.  That might go a long way towards 
> helping non-wizard folks to enjoy some measure of additional protection 
> by default.  Just a thought.

Or, package the more sensible configuration (according to your expert 
judgement...) in centosplus for easy addition later.

-- 
   Les Mikesell
    lesmikesell at gmail.com