On Fri, 13 May 2011 06:08 +1000, "Paul Gear"
<p...@libertysys.com.au> wrote:
On 12/05/11 14:07, Ian Fleming wrote:
...
For Ubuntu linux-image-2.6.35-25-generic + covers what is mentioned in the
article.
Local exploit - meaning the attacker would need physical access to the
machine.
And there is not much to stop that... Encryption maybe?
A quick note about reading security notices: Generally when a
security notice says that it has a local exploit, it does not
mean that it requires physical access to the machine. It means
that the exploit must originate from code running on the system
itself. This is as opposed to a remote exploit, which can
originate from another system, often by sending a specially
crafted network packet, or putting data into a network stream
that the receiving system does not sanitise appropriately.
An example of a local exploit would be privilege escalation,
where a program exploits a kernel flaw to raise it from ordinary
user status to root status. Examples of remote exploits are
buffer overruns, cross-site scripting vulnerabilities, etc. (I'm
sure Wikipedia will have useful general summaries of these
concepts if you care to search.)
To answer the original poster's question: with nearly all
vulnerabilities, the main thing ordinary end users can do that
directly affects their system's security is keeping up-to-date
with security patches (through update manager in the case of
Ubuntu). Other general security best practices which are helpful
in various instances are:
* using good (long) passwords
* running a firewall
* filtering email through antivirus
* using web filtering proxies which block known malware sites
* having a good network design which limits access to only the
required resources (both inbound & outbound)
Regards,
Paul
*****************
Thanks folks,
so in summary, if my 10.04 is up-to-date according to the Update
Manager, then I can do online-banking etc as confidently with
10.04 as with any other currently supported version of Ubuntu,
whatever the kernel number is, correct?
I haven't been using a software firewall in Ubuntu before now.
Apart from whatever role my modem/router plays in that regard,
should I be installing and running a firewall from the Ubuntu
repositories? If so, what should I use?
How do Ubuntu users filter email through antivirus? Is there a
widely used and recommended program in the Ubuntu repositories?
I haven't been using a software firewall or an antivirus program
since Ubuntu became the OS I use 95% of the time...
Thanks very much,
Dave
--
ubuntu-au mailing list
ubuntu-au@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-au
Email had 1 attachment:
* paul.vcf
1k (text/x-vcard)
--
ubuntu-au mailing list
ubuntu-au@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-au
