Installing a compiler by default
Scott Dier
dieman at ringworld.org
Thu Jun 8 21:44:02 BST 2006
Florian Zeitz wrote:
> My personal opinion on the security mater is, that on a default desktop
> install ubuntu's no open ports policy is used, so there won't be any
> possibility for attackers to get in anyway.
>
Please read:
http://www.nsc.liu.se/~nixon/stakkato.pdf
Outlines an attacker who focused on obtaining legitimate logins to move
from site to site. Its arguable that a considerable number of Ubuntu
desktops run with sshd enabled -- I don't think its good if arguments on
service availability change the focus of how to better secure systems.
All it takes is an issue in gaim, thunderbird, etc to allow an attacker
a crack in the door.
--
Scott Dier <dieman at ringworld.org>
More information about the ubuntu-devel
mailing list