Quote:
Originally Posted by bsd007
That part is solved. I got a mail with detailed report of what I chose during installation.
|
Yes, I know. The default installation actually includes sshd(8) as a running service. You are not running it.
Quote:
|
I have installed XFCE, nano, Firefox, transmission-gtk, libreoffice, smplayer, vlc payer, ksnapshot, hexchat, thunderbird,
|
In that short list there are a number of applications with a history of being successful attack vectors, or being attack vectors when configured or used used improperly. And those are just the applications you installed manually. There are probably several hundred installed packages on your workstation. The majority of your installed packages are dependencies that were installed automatically.
Quote:
|
Kindly elaborate. As I said I chose "no" when asked if I want to start sshd on boot.
|
It is *possible* to make sshd(8) provisioning choices when running the script which are considered insecure. You didn't.
But you do have applications installed which are powerful, complicated, and often difficult to operate securely. Such as Firefox, to pick one easy (and sometimes scary) example.
Even an admin trying to be "as secure as possible" can easily make a mistake, unknowingly.