Hosting Provided By

Re: secure installation

From: Celejar <celejar(at)gmail.com>
Date: Fri Aug 17 2007 - 18:11:19 EDT

On Fri, 17 Aug 2007 19:15:06 +0100
Joe <joe@jretrading.com> wrote:

[snip]

> A few points I think should be mentioned that have not yet been:
>
> Egress filtering in Windows personal firewalls, and finally built
> into Vista, is there in response to spyware. This is not yet a
> Linux problem, and is never likely to be as severe, but it will
> happen when children start using Linux in significant numbers.
> These firewalls also tend to monitor the originating executable,
> and warn the user when its signature changes, something we would
> normally associate with an IDS rather than a firewall. But on the
> whole, a process with the privilege to install would also have
> the privilege to disable the firewall, so it is doubtful whether
> a personal firewall is of much use to a root user. It is far more

There's also the point that egress filtering and monitoring executable signatures doesn't catch malware that communicates with the outside world via standard system apps / utilities using standard ports, e.g. wget or even ssh.

Celejar

--
mailmin.sourceforge.net - remote access via secure (OpenPGP) email
ssuds.sourceforge.net - A Simple Sudoku Solver and Generator


-- 
To UNSUBSCRIBE, email to debian-security-REQUEST@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org

Received on Sun Aug 19 15:00:46 2007

This message: [ Message body ]
Next message: Maximilian Wilhelm: "/var/lib/dpkg/info/$package.md5sums"
Previous message: Russ Allbery: "Re: OPIE and S/Key authentication"
In reply to: Joe: "Re: secure installation"
Next in thread: paddy(at)panici.net: "Re: secure installation"

Contemporary messages sorted: [ By Date ] [ By Thread ] [ By Subject ] [ By Author ] [ By messages with attachments ]

This archive was generated by hypermail 2.1.8 : Sun Oct 07 2007 - 07:52:49 EDT