Virus Issue 2
Rich Rudnick
nickrud at sbcglobal.net
Fri Mar 25 00:37:17 UTC 2005
On Thu, 2005-03-24 at 19:10 -0500, Nathan Sprangers wrote:
> On Fri, 25 Mar 2005 01:49:20 +0200, Andre Truter
> <andre.truter at gmail.com> wrote:
> > On Thu, 24 Mar 2005 16:50:53 +0100, René L. Reingard
> > <reingard at hispeed.ch> wrote:
> > > b.) if working as a simple user, hanging in the world wide web, the
> > > root
> > > can not become exploit by anyone? yes OR no?
> >
> > Normally, no. It is still possible for an atacker to exploit your
> > system via unpatched security holes, but working as a normal user
> > reduce the risks and makes it more difficult for an atacker.
> > It is also a good idea to be behind a firewall. Of your machine is
> > direct on the WEB, make sure the network interface connected to the
> > net is firewalled.
>
> I generally thought a firewall wasn't necessary since by default Ubuntu
> installs with no services running to the outside world.
Ubuntu's security policy is the (high quality:) thumb lock, the
machine's firewall is the deadbolt, and the external firewall is the fox
lock.
If you have universe or multiverse in your sources, ports may pop open
where you least expect them. Unlocking only the ports you want to use is
generally a good thing.
More information about the ubuntu-users
mailing list