Re: secure installation

To: debian-security@lists.debian.org
Subject: Re: secure installation
From: Celejar <celejar@gmail.com>
Date: Fri, 17 Aug 2007 18:11:19 -0400
Message-id: <[🔎] 20070817181119.1f6d2e59.celejar@gmail.com>
In-reply-to: <[🔎] fa4ojb$hc9$1$8302bc10@news.demon.co.uk>
References: <[🔎] 2e4e9dbd0708151223q2f88f8e1m7689fb2912ca16fd@mail.gmail.com> <[🔎] 46C3726B.8040508@st-andrews.ac.uk> <[🔎] 2e4e9dbd0708152047kbd810f7o41f2f31e481d07e1@mail.gmail.com> <[🔎] fe374f8d0708160338u3bc87335q6e7c042a54466d84@mail.gmail.com> <[🔎] 2e4e9dbd0708161052w47d46478w76ec22e1beadc7b6@mail.gmail.com> <[🔎] 46C555F2.4020800@physik.blm.tu-muenchen.de> <[🔎] fa4ojb$hc9$1$8302bc10@news.demon.co.uk>

On Fri, 17 Aug 2007 19:15:06 +0100
Joe <joe@jretrading.com> wrote:

[snip]

> A few points I think should be mentioned that have not yet been:
> 
> Egress filtering in Windows personal firewalls, and finally built
> into Vista, is there in response to spyware. This is not yet a
> Linux problem, and is never likely to be as severe, but it will
> happen when children start using Linux in significant numbers.
> These firewalls also tend to monitor the originating executable,
> and warn the user when its signature changes, something we would
> normally associate with an IDS rather than a firewall. But on the
> whole, a process with the privilege to install would also have
> the privilege to disable the firewall, so it is doubtful whether
> a personal firewall is of much use to a root user. It is far more

There's also the point that egress filtering and monitoring executable
signatures doesn't catch malware that communicates with the outside
world via standard system apps / utilities using standard ports, e.g.
wget or even ssh.

Celejar
--
mailmin.sourceforge.net - remote access via secure (OpenPGP) email
ssuds.sourceforge.net - A Simple Sudoku Solver and Generator

Reply to:

References:
- secure installation
  - From: Pat <paparsoss@gmail.com>
- Re: secure installation
  - From: Ian McDonald <iam@st-andrews.ac.uk>
- Re: secure installation
  - From: Pat <paparsoss@gmail.com>
- Re: secure installation
  - From: "John Keimel" <john@keimel.com>
- Re: secure installation
  - From: Pat <paparsoss@gmail.com>
- Re: secure installation
  - From: Johannes Wiedersich <johannes@physik.blm.tu-muenchen.de>
- Re: secure installation
  - From: Joe <joe@jretrading.com>

Prev by Date: Re: OPIE and S/Key authentication
Next by Date: /var/lib/dpkg/info/$package.md5sums
Previous by thread: Re: secure installation
Next by thread: Re: secure installation
Index(es):
- Date
- Thread