[Haifux] Is the risk real? (Was: New mail icon for Thunderbird over Gnome)
Orna Agmon Ben-Yehuda
ladypine at gmail.com
Mon May 14 12:25:21 MSD 2012
1. My parents' Windows machine got infected with a very hard-to-get-rid-of
virus that turned their machine, which was no server at all, into an SMTP
machine, and used it for massive mail operations.
2. When I was a checker for Wikipedia, I could check the IP of registered
users who violated Wikipedia rules (vandalized pages - in particular,
placed the Nazi flag in Jewish pages). I tried to trace the machine they
were using, and file a complaint (or enable others to file a complaint) to
the relevant body: the ISP (in case of a home connection) or the company
whose machine it was. In some of the cases, the vandalizer used compromised
machines - machines that were known to vandalizers to be open for such use.
On Mon, May 14, 2012 at 3:20 AM, Eli Billauer <eli at billauer.co.il> wrote:
> Indeed, it's wise to have the firewall up.
> But what I tried to figure out, was if something real actually happened to
> someone. Port scanning is indeed unpleasant to watch if you're unprotected,
> but would something really happen if you dropped your firewall? Would
> whoever scanned those ports attack a Linux computer?
> Not that I volunteer to try that out myself. And still.
> On 05/14/2012 02:58 AM, guy keren wrote:
> at least in the past - the risk was real.
> when i first connected my computer to the internet via ADSL, and set up
> firewall rules - i was surprised to see that i get many (hundreads) of
> failed network connections from around the world.
> what people do, is run software that scans complete address (IP) ranges,
> and attempt to find exploitable services on them.
> the solution, on my part, was to close down everything i could at the
> firewall level, and try to keep the open services (e.g. the kernel itself,
> ssh server, etc) updated. keeping things updated was annoying with redhat -
> specifically the distribution updates - and is one of the reasons i
> switched to ubuntu. i tend to keep to the LTS (long term support - 3 years)
> versions of ubuntu - and try to be in long delay after the latest
> distributions - after having the diss-pleasure of upgrading too early to
> 8.04 (or something).
> On 05/14/2012 12:45 AM, Eli Billauer wrote:
> Since my not-so-updated software versions became an issue in itself
> (somehow I always get that) I wondered: Leave alone the unpleasant
> feeling of knowing your computer *could* be exploited, are there any
> real cases of attacks against personal, non-server Linux machines? The
> need to protect a server or a shared machine is obvious. But when it
> comes to a personal computer, is there any real life justification to be
> anything else than completely indifferent to those risks? Or can we in
> fact take a kibbutz approach of leaving the door open, knowing that we
> may invite someone to break in, but that doesn't really happen?
> This is not a question about what can happen, but what really does.
> And just to wrap up the original subject: I was reluctant to try
> mail-notification, because my mail filters move around the mails as they
> arrive. So I suspected things would get messy using a tool that
> apparently polls the mail box files directly.
> Anyhow, my solution ended up to be the Gnome Integration add on. I also
> installed Mail Tweak, which among others allowed me to set HTML + Plain
> text as the default outgoing mail format.
> Web: http://www.billauer.co.il
> Haifux mailing list
> Haifux at haifux.org
Orna Agmon Ben-Yehuda.
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the Haifux