l i n u x - u s e r s - g r o u p - o f - d a v i s
L U G O D
 
Next Meeting:
September 2: Social gathering
Next Installfest:
TBD
Latest News:
Aug. 18: Discounts to "Velocity" in NY; come to tonight's "Photography" talk
Page last updated:
2005 Mar 15 11:31

The following is an archive of a post made to our 'vox-tech mailing list' by one of its subscribers.

Report this post as spam:

(Enter your email address)
Re: [vox-tech] Spyware For Linux?
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [vox-tech] Spyware For Linux?



On Tue, Mar 15, 2005 at 10:46:15AM -0800, Jonathan Stickel wrote:
> Occasionally I 
> hear of it happening with power Linux users running all kinds of 
> internet services, but does it happen with home users?
> Can it happen if they don't use any network daemons?

Sure.  All sorts of apps have all sorts of bugs.  Konversation recently
had an interesting bug, which I forget off the top of my head.
I don't beleive it could lead to a /root/ compromise...  but then, how many
of us keep our private documents and tax files in the root account?
(Versus the normal user-level account we do our daily browsing with?)


> It bothers me that Fedora turns sshd on by default.
> A naive user could set a silly root password, and 
> they'll be cracked in a few hours.

Does it allow root to SSH in by default?  (I've seen setups which specifically
do /not/.)


> I kind of watch Gentoo security announcements.  Many of them deal with 
> denial of service (DOS) attacks where a program running as nonroot could 
> hang the computer.  How often does this happen?  I'm less concerned 
> about this one because I would notice right away and fix it.  A 
> comprised system can go undetected for awhile and mean lots of clean up 
> work.

Backup often.  (Eep!  I should talk!  I should go home and back up tonight!)

-bill!
_______________________________________________
vox-tech mailing list
vox-tech@lists.lugod.org
http://lists.lugod.org/mailman/listinfo/vox-tech



LinkedIn
LUGOD Group on LinkedIn
Sign up for LUGOD event announcements
Your email address:
facebook
LUGOD Group on Facebook
'Like' LUGOD on Facebook:

Hosting provided by:
Sunset Systems
Sunset Systems offers preconfigured Linux systems, remote system administration and custom software development.

LUGOD: Linux Users' Group of Davis
PO Box 2082, Davis, CA 95617
Contact Us

LUGOD is a 501(c)7 non-profit organization
based in Davis, California
and serving the Sacramento area.
"Linux" is a trademark of Linus Torvalds.

Sponsored in part by:
O'Reilly and Associates
For numerous book donations.