[Haifux] Is the risk real? (Was: New mail icon for Thunderbird over Gnome)
eli at billauer.co.il
Mon May 14 15:14:42 MSD 2012
Two interesting cases indeed, but neither matching my question: The
first one was a Windows machine and the second we don't know.
Exploiting machines as a platform for your own nasty business is
probably the most common reason to attack a personal desktop. It's also
the situation with the least local damage: You fix the problem,
apologize, and go on with your life. I would say upgrading all the time
is worse in terms of efforts, and the number of mishaps you're expected
to have (I'm still working on getting this mail sent out as plain text
after upgrading my Thunderbird).
On 05/14/2012 11:25 AM, Orna Agmon Ben-Yehuda wrote:
> 1. My parents' Windows machine got infected with a very
> hard-to-get-rid-of virus that turned their machine, which was no
> server at all, into an SMTP machine, and used it for massive mail
> 2. When I was a checker for Wikipedia, I could check the IP of
> registered users who violated Wikipedia rules (vandalized pages - in
> particular, placed the Nazi flag in Jewish pages). I tried to trace
> the machine they were using, and file a complaint (or enable others to
> file a complaint) to the relevant body: the ISP (in case of a home
> connection) or the company whose machine it was. In some of the cases,
> the vandalizer used compromised machines - machines that were known to
> vandalizers to be open for such use.
> On Mon, May 14, 2012 at 3:20 AM, Eli Billauer <eli at billauer.co.il
> <mailto:eli at billauer.co.il>> wrote:
> Indeed, it's wise to have the firewall up.
> But what I tried to figure out, was if something real actually
> happened to someone. Port scanning is indeed unpleasant to watch
> if you're unprotected, but would something really happen if you
> dropped your firewall? Would whoever scanned those ports attack a
> Linux computer?
> Not that I volunteer to try that out myself. And still.
> On 05/14/2012 02:58 AM, guy keren wrote:
>> at least in the past - the risk was real.
>> when i first connected my computer to the internet via ADSL, and
>> set up firewall rules - i was surprised to see that i get many
>> (hundreds) of failed network connections from around the world.
>> what people do, is run software that scans complete address (IP)
>> ranges, and attempt to find exploitable services on them.
>> the solution, on my part, was to close down everything i could at
>> the firewall level, and try to keep the open services (e.g. the
>> kernel itself, ssh server, etc) updated. keeping things updated
>> was annoying with redhat - specifically the distribution updates
>> - and is one of the reasons i switched to ubuntu. i tend to keep
>> to the LTS (long term support - 3 years) versions of ubuntu - and
>> try to be in long delay after the latest distributions - after
>> having the displeasure of upgrading too early to 8.04 (or
>> On 05/14/2012 12:45 AM, Eli Billauer wrote:
>>> Since my not-so-updated software versions became an issue in itself
>>> (somehow I always get that) I wondered: Leave alone the unpleasant
>>> feeling of knowing your computer *could* be exploited, are there
>>> real cases of attacks against personal, non-server Linux
>>> machines? The need to protect a server or a shared machine is
>>> obvious. But when it comes to a personal computer, is there any
>>> real life justification to be anything else than completely
>>> indifferent to those risks? Or can we in fact take a kibbutz
>>> approach of leaving the door open, knowing that we may invite
>>> someone to break in, but that doesn't really happen?
>>> This is not a question about what can happen, but what really does.
>>> And just to wrap up the original subject: I was reluctant to try
>>> mail-notification, because my mail filters move around the mails
>>> as they arrive. So I suspected things would get messy using a tool
>>> that apparently polls the mail box files directly.
>>> Anyhow, my solution ended up to be the Gnome Integration add on.
>>> I also installed Mail Tweak, which among others allowed me to set
>>> HTML + Plain text as the default outgoing mail format.
> Haifux mailing list
> Haifux at haifux.org <mailto:Haifux at haifux.org>
> Orna Agmon Ben-Yehuda.