Re: 10.04 LTS kernel security problem?
On Fri, 13 May 2011 06:08 +1000, "Paul Gear" wrote: On 12/05/11 14:07, Ian Fleming wrote: ... For Ubuntu linux-image-2.6.35-25-generic + covers what is mentioned in the article. Local exploit - meaning the attacker would need physical access to the machine. And there is not much to stop that... Encryption maybe? A quick note about reading security notices: Generally when a security notice says that it has a local exploit, it does not mean that it requires physical access to the machine. It means that the exploit must originate from code running on the system itself. This is as opposed to a remote exploit, which can originate from another system, often by sending a specially crafted network packet, or putting data into a network stream that the receiving system does not sanitise appropriately. An example of a local exploit would be privilege escalation, where a program exploits a kernel flaw to raise it from ordinary user status to root status. Examples of remote exploits are buffer overruns, cross-site scripting vulnerabilities, etc. (I'm sure Wikipedia will have useful general summaries of these concepts if you care to search.) To answer the original poster's question: with nearly all vulnerabilities, the main thing ordinary end users can do that directly affects their system's security is keeping up-to-date with security patches (through update manager in the case of Ubuntu). Other general security best practices which are helpful in various instances are: * using good (long) passwords * running a firewall * filtering email through antivirus * using web filtering proxies which block known malware sites * having a good network design which limits access to only the required resources (both inbound & outbound) Regards, Paul * Thanks folks, so in summary, if my 10.04 is up-to-date according to the Update Manager, then I can do online-banking etc as confidently with 10.04 as with any other currently supported version of Ubuntu, whatever the kernel number is, correct? I haven't been using a software firewall in Ubuntu before now. Apart from whatever role my modem/router plays in that regard, should I be installing and running a firewall from the Ubuntu repositories? If so, what should I use? How do Ubuntu users filter email through antivirus? Is there a widely used and recommended program in the Ubuntu repositories? I haven't been using a software firewall or an antivirus program since Ubuntu became the OS I use 95% of the time... Thanks very much, Dave -- ubuntu-au mailing list ubuntu-au@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-au Email had 1 attachment: * paul.vcf 1k (text/x-vcard) -- ubuntu-au mailing list ubuntu-au@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-au
Re: 10.04 LTS kernel security problem?
On 12/05/11 14:07, Ian Fleming wrote: ... For Ubuntu linux-image-2.6.35-25-generic + covers what is mentioned in the article. Local exploit - meaning the attacker would need physical access to the machine. And there is not much to stop that... Encryption maybe? A quick note about reading security notices: Generally when a security notice says that it has a local exploit, it does not mean that it requires physical access to the machine. It means that the exploit must originate from code running on the system itself. This is as opposed to a remote exploit, which can originate from another system, often by sending a specially crafted network packet, or putting data into a network stream that the receiving system does not sanitise appropriately. An example of a local exploit would be privilege escalation, where a program exploits a kernel flaw to raise it from ordinary user status to root status. Examples of remote exploits are buffer overruns, cross-site scripting vulnerabilities, etc. (I'm sure Wikipedia will have useful general summaries of these concepts if you care to search.) To answer the original poster's question: with nearly all vulnerabilities, the main thing ordinary end users can do that directly affects their system's security is keeping up-to-date with security patches (through update manager in the case of Ubuntu). Other general security best practices which are helpful in various instances are: using good (long) passwords running a firewall filtering email through antivirus using web filtering proxies which block known malware sites having a good network design which limits access to only the required resources (both inbound & outbound) Regards, Paul <>-- ubuntu-au mailing list ubuntu-au@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-au
Re: Team IRC Meetings
Ubuntu-AU'ers! Based on all the feedback so far (please continue to provide it), would a suggestion of 3pm AEST suit more people than the current 8pm AEST on a Tuesday? I was thinking it would probably be easier to keep it the second one of the month just to make it easier to remember but also willing to discuss this as an option if it were preferred. Please, anyone who would be willing to attend even just to see what it's about (I know there are HUNDREDS of people on this list but only a handful have given feedback) throw in your 2cents. We are not going to ever please everyone but if changing the date/time is going to make it easier for even 20 people to attend who want to come along that has to dramatically benefit the team. I agree with the social media thing so I'm working towards getting some information together to help this out, watch this space. If anyone has any questions or comments to add on to how else we can improve attendance please let me (us) know! Regards, Jared Norris JP(Qual) BBehSc(Psych) https://wiki.ubuntu.com/JaredNorris On 10 May 2011 22:17, Joel Addison wrote: > Sundays should be fine for me also. > > Joel > > > On Tue, 2011-05-10 at 22:12 +1000, Cary Bielenberg wrote: > > Yep Sundays are usually quiet for me. > > Cary > > On 10/05/11 22:09, Joel Pickett wrote: > > I'd like to add my two cents and suggest the meeting is held on Sunday > evenings, either 7pm AEST or 8pm. > > Joel > > > > On 10/05/11 21:41, Cary Bielenberg wrote: > > For me Tuesday nights are a show stopper, I'm stating for informational > purposes & not an excuse to change the night. > > > Cary > > On 10/05/11 21:05, Jared Norris wrote: > > Good evening all, > > As has been apparent over the last few meetings the numbers are actually > dwindling instead of building. This brings the obvious question, what can we > do to try and get more people together for these meetings? I'm open to > discussing all ideas that anyone might have. Move the time, move the date, > change the format, whatever is going to get more people to actually attend > and contribute. > > Ideas anyone? > > Regards, > > Jared Norris JP(Qual) BBehSc(Psych) > https://wiki.ubuntu.com/JaredNorris > > >-- > If I agreed with you We'd both be wrong! -- Anon > > > > -- > If I agreed with you We'd both be wrong! -- Anon > > > > -- > ubuntu-au mailing list > ubuntu-au@lists.ubuntu.com > https://lists.ubuntu.com/mailman/listinfo/ubuntu-au > > -- ubuntu-au mailing list ubuntu-au@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-au