Re: secure installation
On Fri, 17 Aug 2007 19:15:06 +0100
Joe <joe@jretrading.com> wrote:
[snip]
> A few points I think should be mentioned that have not yet been:
>
> Egress filtering in Windows personal firewalls, and finally built
> into Vista, is there in response to spyware. This is not yet a
> Linux problem, and is never likely to be as severe, but it will
> happen when children start using Linux in significant numbers.
> These firewalls also tend to monitor the originating executable,
> and warn the user when its signature changes, something we would
> normally associate with an IDS rather than a firewall. But on the
> whole, a process with the privilege to install would also have
> the privilege to disable the firewall, so it is doubtful whether
> a personal firewall is of much use to a root user. It is far more
There's also the point that egress filtering and monitoring executable
signatures doesn't catch malware that communicates with the outside
world via standard system apps / utilities using standard ports, e.g.
wget or even ssh.
Celejar
--
mailmin.sourceforge.net - remote access via secure (OpenPGP) email
ssuds.sourceforge.net - A Simple Sudoku Solver and Generator
Reply to: