On Tue, 25 Jan 2011 21:58:02 +
Joe wrote:
> On Tue, 25 Jan 2011 15:00:36 -0500
> Celejar wrote:
>
> > On Tue, 25 Jan 2011 12:51:15 + (UTC)
> > Camaleón wrote:
> >
> >> >
> > > In this scenario, the "LAN" and the "WAN" are at the same "hostile"
> > > level and so both should be treate
On Tue, 25 Jan 2011 15:00:36 -0500
Celejar wrote:
> On Tue, 25 Jan 2011 12:51:15 + (UTC)
> Camaleón wrote:
>
>> >
> > In this scenario, the "LAN" and the "WAN" are at the same "hostile"
> > level and so both should be treated. Why should you accept
> > incomming ssh traffic from the "hosti
On Tue, 25 Jan 2011 12:51:15 + (UTC)
Camaleón wrote:
> On Mon, 24 Jan 2011 15:57:33 -0500, Celejar wrote:
>
> > On Fri, 7 Jan 2011 19:51:59 + (UTC) Camaleón wrote:
> >
> >> Open wifi hot-spots (or open networks) are dangerous because all your
> >> "neighbors" can represent a potential s
On Mon, 24 Jan 2011 15:57:33 -0500, Celejar wrote:
> On Fri, 7 Jan 2011 19:51:59 + (UTC) Camaleón wrote:
>
>> Open wifi hot-spots (or open networks) are dangerous because all your
>> "neighbors" can represent a potential security risk (they have
>> "physical" access to your machine), meaning
On Fri, 7 Jan 2011 19:51:59 + (UTC)
Camaleón wrote:
> On Fri, 07 Jan 2011 20:53:44 +0200, Andrei Popescu wrote:
>
> > On Vi, 07 ian 11, 16:23:16, Eduardo M KALINOWSKI wrote:
> >> On Sex, 07 Jan 2011, Andrei Popescu wrote:
> >> >If you consider an open wireless to be more dangerous, what addi
On Mon, 24 Jan 2011 01:17:55 +0200, Eero Volotinen wrote:
>> Open wifi hot-spots (or open networks) are dangerous because all your
>> "neighbors" can represent a potential security risk (they have
>> "physical" access to your machine), meaning that you should enforce
>> your computer firewall rule
On Sun, 23 Jan 2011 14:21:33 -0800
Mark wrote:
> On Sat, Jan 22, 2011 at 9:23 PM, Celejar wrote:
>
> > On Fri, 7 Jan 2011 17:15:15 -0800
> > Mark wrote:
...
> > > This is a great idea; I do this when traveling with a work laptop,
> > booting
> > > Ubuntu off a live usb stick. With the 10.10
> Open wifi hot-spots (or open networks) are dangerous because all your
> "neighbors" can represent a potential security risk (they have "physical"
> access to your machine), meaning that you should enforce your computer
> firewall rules to treat all of the LAN computers as "untrusted" hosts
> whic
On Du, 23 ian 11, 14:21:33, Mark wrote:
>
> For me, when it's a work computer that has a Windows-only installation on
> it, running Ubuntu from a Live CD is the only allowable way to use Linux on
> the computer.
Debian installs just fine on USB sticks ;)
Regards,
Andrei
--
Offtopic discussions
On Sat, Jan 22, 2011 at 9:23 PM, Celejar wrote:
> On Fri, 7 Jan 2011 17:15:15 -0800
> Mark wrote:
>
> > On Fri, Jan 7, 2011 at 2:28 PM, Klistvud
> wrote:
> >
> > >
> > > For people really concerned with their security in public wifi spots,
> > > perhaps the best I can recommend is: just run off
On Fri, 7 Jan 2011 17:15:15 -0800
Mark wrote:
> On Fri, Jan 7, 2011 at 2:28 PM, Klistvud wrote:
>
> >
> > For people really concerned with their security in public wifi spots,
> > perhaps the best I can recommend is: just run off of a live CD. It's really
> > a great security policy once you ge
On Fri, Jan 7, 2011 at 2:28 PM, Klistvud wrote:
>
> For people really concerned with their security in public wifi spots,
> perhaps the best I can recommend is: just run off of a live CD. It's really
> a great security policy once you get used to it being somewhat slower; if
> you can get suspend
Dne, 07. 01. 2011 19:53:44 je Andrei Popescu napisal(a):
For people really concerned with their security in public wifi spots,
perhaps the best I can recommend is: just run off of a live CD. It's
really a great security policy once you get used to it being somewhat
slower; if you can get su
On Fri, 07 Jan 2011 20:53:44 +0200, Andrei Popescu wrote:
> On Vi, 07 ian 11, 16:23:16, Eduardo M KALINOWSKI wrote:
>> On Sex, 07 Jan 2011, Andrei Popescu wrote:
>> >If you consider an open wireless to be more dangerous, what additional
>> >protective measures do you suggest?
>>
>> Enable encrypt
On Vi, 07 ian 11, 16:23:16, Eduardo M KALINOWSKI wrote:
> On Sex, 07 Jan 2011, Andrei Popescu wrote:
> >If you consider an open wireless to be more dangerous, what additional
> >protective measures do you suggest?
>
> Enable encryption of the wireless traffic (but not WEP, which is too weak).
I
On Sex, 07 Jan 2011, Andrei Popescu wrote:
If you consider an open wireless to be more dangerous, what additional
protective measures do you suggest?
Enable encryption of the wireless traffic (but not WEP, which is too weak).
SSL is always nice, but there isn't much you can do if the remote si
On Jo, 06 ian 11, 09:12:28, Eduardo M KALINOWSKI wrote:
[snip]
If you consider an open wireless to be more dangerous, what additional
protective measures do you suggest?
Regards,
Andrei
--
Offtopic discussions among Debian users and developers:
http://lists.alioth.debian.org/mailman/listinfo/d
On Qua, 05 Jan 2011, Andrei Popescu wrote:
By "physical access to the network" you mean the internet, right?
Because that's what's past my AP... AFAIK it's just a bit more difficult
to intercept the traffic, that's all.
I'm talking about LAN traffic, not internet traffic. Intercepting
traffic
On Mi, 05 ian 11, 09:49:38, Eduardo M KALINOWSKI wrote:
> On Ter, 04 Jan 2011, Andrei Popescu wrote:
> >The wireless encrypts the traffic only between my laptop and my AP.
> >Beyond my AP the wireless encryptions does not bring any additional
> >security.
>
> That's true, but that's exactly the po
On Ter, 04 Jan 2011, Andrei Popescu wrote:
The wireless encrypts the traffic only between my laptop and my AP.
Beyond my AP the wireless encryptions does not bring any additional
security.
That's true, but that's exactly the point: if the wireless network is
not encrypted it is trivial to cap
On Lu, 03 ian 11, 23:28:24, tv.deb...@googlemail.com wrote:
>
> Off topic for Debian but relevant to your question I came across an
> article today in Ars Technica :
> http://arstechnica.com/security/guides/2011/01/stay-safe-at-a-public-wi-fi-hotspot.ars
>
> Might be worth reading if you are in t
On Ma, 04 ian 11, 09:31:52, Eduardo M KALINOWSKI wrote:
> On Ter, 04 Jan 2011, Andrei Popescu wrote:
> >Would you care to explain why you find an open wireless to be more
> >dangerous than your regular internet connection?
>
> Because anyone nearby with a laptop can sniff the traffic, unlike
> wit
On Tue 04 Jan 2011 at 09:20:39 -0500, Brad Alexander wrote:
> If you are on a public wifi, you can turn off ssh server (the client
> will still work) and nrpe (the Nagios client). On the other hand, if
> you turn off password auth in ssh, you should be relatively safe
> leaving ssh running. xmpp i
On Tue, Jan 4, 2011 at 6:23 AM, Eduardo M KALINOWSKI
wrote:
> On Ter, 04 Jan 2011, Brian wrote:
>>>
>>> Because anyone nearby with a laptop can sniff the traffic, unlike with a
>>> regular cabled internet connection or a password protected wireless
>>> network (in which traffic in encrypted)?
>>
>
You should probably be running a plugin/extension that turns off flash
and javascript, and let you selectively enable for individual sites.
On firefox/iceweasel, these would be flashblock and noscript. I also
have adblock plus installed. With careful use, this will cull out most
of the malicious st
On the 04/01/2011 12:19, Andrei Popescu wrote:
> On Lu, 03 ian 11, 12:28:25, tv.deb...@googlemail.com wrote:
>>
>> I wouldn't do my internet banking/shopping over such a network though...
>
> Would you care to explain why you find an open wireless to be more
> dangerous than your regular internet
On Ter, 04 Jan 2011, Brian wrote:
Because anyone nearby with a laptop can sniff the traffic, unlike with a
regular cabled internet connection or a password protected wireless
network (in which traffic in encrypted)?
For internet banking/shopping over https (which would be the norm) it
wouldn't
On Tue 04 Jan 2011 at 09:31:52 -0200, Eduardo M KALINOWSKI wrote:
> Because anyone nearby with a laptop can sniff the traffic, unlike with a
> regular cabled internet connection or a password protected wireless
> network (in which traffic in encrypted)?
For internet banking/shopping over https
er_osvdb=&filter_cve=
--- On Tue, 1/4/11, Andrei Popescu wrote:
> From: Andrei Popescu
> Subject: Re: firewall package for laptop wi-fi client
> To: debian-user@lists.debian.org
> Date: Tuesday, January 4, 2011, 11:19 AM
> On Lu, 03 ian 11, 12:28:25, tv.deb...@googlemail.
On Ter, 04 Jan 2011, Andrei Popescu wrote:
Would you care to explain why you find an open wireless to be more
dangerous than your regular internet connection?
Because anyone nearby with a laptop can sniff the traffic, unlike with
a regular cabled internet connection or a password protected wi
On Lu, 03 ian 11, 12:28:25, tv.deb...@googlemail.com wrote:
>
> I wouldn't do my internet banking/shopping over such a network though...
Would you care to explain why you find an open wireless to be more
dangerous than your regular internet connection?
Regards,
Andrei
--
Offtopic discussions a
On the 03/01/2011 05:42, Russell L. Harris wrote:
> I need recommendations for a Debian firewall package to be installed
> on a laptop or notebook which is used for web browsing and web-based
> email in public wi-fi hotspots.
>
> My concern is to prevent infection or compromise of the laptop, so
>
On the 03/01/2011 10:55, Russell L. Harris wrote:
> * tv.deb...@googlemail.com [110103 09:24]:
>
>> Hello, if you are looking for a graphical front end you can look at
>> gufw, firestarter and guarddog. For text based tools I ear good things
>> about shorewall.
>
> I am looking for a package whi
Russell L. Harris:
> * tv.deb...@googlemail.com [110103 09:24]:
>
>> But if you do only web browsing and email and don't run any
>> web-facing services you should be fine anyway.
>
> I do not understand; what is a "web-facing service"?
It is a program accepting random connections from arbitrary
On 3.1.2011 11:55, Russell L. Harris wrote:
>
>> The major threats are web browser security holes (update often)
>> especially through flash and java plug-ins, and pdf.
>
> Flash and java are in most web pages. Does a firewall not protect
> against these threats? or are browser updates necessar
On Lu, 03 ian 11, 09:55:45, Russell L. Harris wrote:
>
> > But if you do only web browsing and email and don't run any
> > web-facing services you should be fine anyway.
>
> I do not understand; what is a "web-facing service"?
For example a web server (apache) or some other services accessible
* tv.deb...@googlemail.com [110103 09:24]:
> Hello, if you are looking for a graphical front end you can look at
> gufw, firestarter and guarddog. For text based tools I ear good things
> about shorewall.
I am looking for a package which is easy to configure, whether text or
gui; in this respect
On the 03/01/2011 05:42, Russell L. Harris wrote:
> I need recommendations for a Debian firewall package to be installed
> on a laptop or notebook which is used for web browsing and web-based
> email in public wi-fi hotspots.
>
> My concern is to prevent infection or compromise of the laptop, so
>
I need recommendations for a Debian firewall package to be installed
on a laptop or notebook which is used for web browsing and web-based
email in public wi-fi hotspots.
My concern is to prevent infection or compromise of the laptop, so
that the laptop may be connected safely to a home or
office L
39 matches
Mail list logo
