I propose that a system/application (which I've chosen to call Critical
Defense Daemon) be developed and integrated into Pfc.
Such a system would have the following properties:

- be installed by default, but could be disabled during the Anaconda installer
- kick into action as soon as the presence of Internet connectivity is detected
- reference a central server (group of servers), sending its distro version
- accept a list of packages vulnerable to attack over the Internet
- check this list against the installed package list
- request iptables rules to block such attack(s) if any installed packages are vulnerable
- alert the user that said rules are about to be entered into their firewall, giving the user an opportunity to Cancel
- implement said rules
- if rule implementation failed, alert the user of the failure and give the user the option to block all packets except packets outgoing to port 80
- forward the user to a detailed or simplified advisory online which would, among other things, give instructions on how to prevent the attack, etc.
- would reverse the rules once the package version has been upgraded to a non-affected version, or the user requests that the rules be reversed
- check for update advisories at user-defined intervals for users permanently connected to the Internet, and for dial-up users do the check on Internet connection

The reason I propose such a system is because over the past up I've
installed a few fresh installs of Windows, and without service packs
installed from cdrom, the machines last approx 20 mins on the net before
they are bogged down by malware. Such a system would serve as a simple
preemptive move that would protect a Linux desktop from such problems
now, and in the future.
Just an idea
Arturo
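
A sketch of the check, block and reverse steps proposed above, as an added example that is not part of the original post. The advisory format, package names, versions and ports are constructed, the version comparison is a simplification of RPM ordering, and the rules are returned as iptables argument lists for the user to confirm rather than being applied.

```python
import re

# Constructed advisory feed, as the central server might send it (hypothetical format).
ADVISORIES = [
    {"package": "exampled", "fixed": "2.4.10", "proto": "tcp", "port": 8021},
    {"package": "samplesrv", "fixed": "1.0.3", "proto": "udp", "port": 5353},
]
# Constructed installed-package list (name -> version).
INSTALLED = {"exampled": "2.4.9", "samplesrv": "1.0.3", "editor": "7.0"}

def version_key(version):
    """Split into digit/letter runs so 2.4.10 sorts after 2.4.9 (simplified ordering)."""
    parts = re.findall(r"\d+|[A-Za-z]+", version)
    return [(1, int(p)) if p.isdigit() else (0, p) for p in parts]

def is_vulnerable(installed, fixed):
    return version_key(installed) < version_key(fixed)

def is_well_formed(adv):
    """The feed is remote input that becomes firewall arguments, so validate it."""
    return (re.fullmatch(r"[A-Za-z0-9._+-]+", str(adv.get("package", ""))) is not None
            and adv.get("proto") in ("tcp", "udp")
            and isinstance(adv.get("port"), int) and 0 < adv["port"] < 65536)

def plan_rules(advisories, installed):
    """Return (package, add_argv, remove_argv) for each installed, vulnerable package."""
    plan = []
    for adv in advisories:
        if not is_well_formed(adv):
            continue
        have = installed.get(adv["package"])
        if have is None or not is_vulnerable(have, str(adv["fixed"])):
            continue
        spec = ["-p", adv["proto"], "--dport", str(adv["port"]),
                "-m", "comment", "--comment", "cdd:" + adv["package"], "-j", "DROP"]
        plan.append((adv["package"],
                     ["iptables", "-I", "INPUT"] + spec,   # shown to the user first
                     ["iptables", "-D", "INPUT"] + spec))  # exact inverse for reversal
    return plan

def rules_to_reverse(previous_plan, advisories, installed):
    """Removal commands for packages that are no longer vulnerable after an upgrade."""
    still = {pkg for pkg, _, _ in plan_rules(advisories, installed)}
    return [remove for pkg, _, remove in previous_plan if pkg not in still]

if __name__ == "__main__":
    for pkg, add, _ in plan_rules(ADVISORIES, INSTALLED):
        print(pkg, "->", " ".join(add))
```

Keeping the rules as argument lists and tagging each with a comment lets the daemon remove exactly what it added without touching the user's own rules.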