Hardening Debian - Offline Install OS

Debian, by default, encourages the use of online install during its first operating system installation. This opens an opportunity to for intruder to attack the operating system while it is not ready. Since we want to harden Debian security, we must not allow such opportunity to happen. This section guides you on how to install Debian operating system offline.

Identified Threats

(T-07) Penetrable Access Open During Online Debian OS Installation

Action Required

Offline Install

Identified Threats

(T-07) Penetrable Access Open During Online Debian OS Installation

When the Debian operating system is being setup/installed, it is defend-less against any attacks from network since it is still setting up.

Action Required

These are possible actions to take.

Offline Install

When installing Debian operating system, one must disable the network connection and opt for offline install. To facilitate packaging, you can:

build you own installer ISO image using Simple-CDD.
Setup APT proxy server and have the installing target to use that proxy server instead of Internet.

That's all for installing Debian operating system offline for hardening Debian.

Back to Debian Security Hardening