Critical Defense Daemon

DALive Editor dalive at
Tue Sep 21 23:15:52 UTC 2004

I propose that a system/application (which I've chosen to call Critical 
Defense Daemon) be developed and integrated into Pfc.

Such a system would have the following properties:
    - be installed by default, but could be disabled during Anaconda
    - kick into action as soon as the presence of Internet connectivity is detected
    - reference a central server (group of servers) sending its distro
    - accept of packages vulnerable to attack over the Internet
    - check this list against installed package list
    - request iptable rules to block such an attack(s) if any installed packages are vulnerable
    - alert the user that said rules were about to be entered into their firewall, giving the user an opportunity to Cancel
    - implement said rules
    - if rule implementation failed, alert user of failure and give user option to block all packets except packets outgoing to port 80
    - forward user to a detailed or simplified advisory online which would, among other things, give instructions on how to prevent attack, etc.
    - would reverse rules once package version has been upgraded to a non-affected version, or user requests that rules be reversed
    - check for update advisories at user defined intervals for users permanently connected to the Internet, and for dial up users do check on Internet connection

The reason I propose such a system is because over the past up I've 
installed a few fresh installs of Windows, and without service packs 
installed from cdrom, the machines last approx 20 mins on the net before 
they are bogged down by malware. Such a system would serve as a simple 
preemptive move that would protect a Linux desktop from such problems 
now, and in the future.

Just an idea
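
The check-and-block loop proposed in the message above, as an added sketch that is not part of the original post or of any existing project. The advisory format, package names, versions and ports are constructed, and the version comparison is a simplified numeric one rather than real RPM ordering. It only plans the iptables calls (so the user can still cancel) and validates what the central server sent before turning it into a rule.

```python
import re

# Constructed sample of what the central server might return for this distro.
ADVISORIES = [
    {"package": "exampled", "fixed_in": "1.4.2", "proto": "tcp", "port": 631},
    {"package": "samplesrv", "fixed_in": "2.0.10", "proto": "udp", "port": 5353},
    {"package": "notinstalled", "fixed_in": "3.1", "proto": "tcp", "port": 8080},
]
# Constructed installed-package list (name -> version).
INSTALLED = {"exampled": "1.4.1", "samplesrv": "2.0.10", "otherpkg": "0.9"}

def vkey(version):
    """Numeric comparison key (assumption: simplified, not full RPM ordering)."""
    return tuple(int(n) for n in re.findall(r"\d+", version))

def vulnerable(advisories, installed):
    """Advisories whose package is installed at a version below the fixed one."""
    return [a for a in advisories
            if a["package"] in installed
            and vkey(installed[a["package"]]) < vkey(a["fixed_in"])]

def rule_args(adv):
    """Build the rule from validated fields only; server data is untrusted input."""
    if adv["proto"] not in ("tcp", "udp") or not 0 < int(adv["port"]) < 65536:
        raise ValueError("rejecting malformed advisory: %r" % (adv,))
    return ["INPUT", "-p", adv["proto"], "--dport", str(int(adv["port"])),
            "-j", "DROP"]

def plan(advisories, installed):
    """Return (apply, revert) argument lists; nothing is executed here."""
    hits = vulnerable(advisories, installed)
    # Argument lists, not shell strings, so advisory text never reaches a shell.
    apply_cmds = [["iptables", "-A"] + rule_args(a) for a in hits]
    revert_cmds = [["iptables", "-D"] + rule_args(a) for a in hits]
    return apply_cmds, revert_cmds

if __name__ == "__main__":
    apply_cmds, revert_cmds = plan(ADVISORIES, INSTALLED)
    for cmd in apply_cmds:
        print("would apply (user may cancel):", " ".join(cmd))
    for cmd in revert_cmds:
        print("revert after upgrade:", " ".join(cmd))
```
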
