[vox-tech] Spyware For Linux?
Bill Kendrick
nbs at sonic.net
Tue Mar 15 11:13:10 PST 2005
On Tue, Mar 15, 2005 at 10:46:15AM -0800, Jonathan Stickel wrote:
> Occasionally I
> hear of it happening with power Linux users running all kinds of
> internet services, but does it happen with home users?
> Can it happen if they don't use any network daemons?
Sure. All sorts of apps have all sorts of bugs. Konversation recently
had an interesting bug, which I forget off the top of my head.
I don't beleive it could lead to a /root/ compromise... but then, how many
of us keep our private documents and tax files in the root account?
(Versus the normal user-level account we do our daily browsing with?)
> It bothers me that Fedora turns sshd on by default.
> A naive user could set a silly root password, and
> they'll be cracked in a few hours.
Does it allow root to SSH in by default? (I've seen setups which specifically
do /not/.)
> I kind of watch Gentoo security announcements. Many of them deal with
> denial of service (DOS) attacks where a program running as nonroot could
> hang the computer. How often does this happen? I'm less concerned
> about this one because I would notice right away and fix it. A
> comprised system can go undetected for awhile and mean lots of clean up
> work.
Backup often. (Eep! I should talk! I should go home and back up tonight!)
-bill!
More information about the vox-tech
mailing list