On Mon, Mar 06, 2006 at 18:59:49 -0500, "Michael H. Warfield" <mhw@xxxxxxxxxxxx> wrote: > > In the security business, we have and expression for people like you. > Those people who use the "install everything" button just because they > "might" want something in the future (and then forget they installed it, > if they even realize they installed it to begin with). > > We dub thee "owned". There is a big difference between installing everything and running every every service that you have installed. > action. And the firewall defaults definitely help. But what about > Apache add ons (like PHP et al). If you don't know and decide Yes, you do need to pay attention to which Apache modules you use, since they don't obviously show up as services are easy for a new person to miss and are potential security problems. However, that is the exception not the rule.
