On Tue, Apr 1, 2008 at 3:29 PM, Christophe Lincoln <
pankso@xxxxxxxxxx> wrote:
Hi all,
It's a nice post, I love it.
Mybe a few more information from the SliTaz devs, about security, ports
your IP's, and compression.
---
SliTaz boot with only one open port: 80. This port is used by the
web server with HTTP protocol. Port 80 and HTTP is the port and
protocol everyone use, in most case to access the web (Port 443 is
generaly used for https).
SliTaz dont start Dropbear SSH server by default, so attack on port 22
to try gain access the host system is impossible.
SliTaz also disable by default root login by SSH, so you can't direct
attack root account if you start manually or at boot Dropbear server.
Crackers have to crack a user password and then root password to be
able to use 'su'. Almost very difficult.
For the IP and default page on the website... Funny, me and Eric wanted
to provide a nice home page installed on the CD with searchbox for
wikipedia, Google, etc... and with a great big Spider!
And.. how www.slitaz.org might gain the upper hand via firefox? Is there
any known bug? In this case all distributions on live CD are
vulnerables (Via sudo su)
Roberts:
<quote>
> Lots of commpression is used here gzip and lzma to achieve small
> size. We have often discussed using more compression but didn't
> because the older cpus would spend too much time decompressing
> things. Small distro does not mean run extremely fast on very old
> hardware due to overhead of uncompressing.
</quote>
This is true only for boot time. When booted (Boot baby.. boot!) SliTaz
use compressed files located all in RAM, so much more fast than files
compressed with cloop on a cdrom!
For the SliTaz devs,
- Christophe