Difference between revisions of "ISXUbuntu/Documentation"

From Wiki
Jump to: navigation, search
Line 23: Line 23:
  
 
==== How the internet works and why you should care ====
 
==== How the internet works and why you should care ====
; What ip is :
+
* IP
;  :Cover these issues<nowiki>:</nowiki>
+
** What IP is
;* :Snooping on ethernet
+
*** Brief History
;* man in the middle attacks, ethernet arp spoofing
+
*** TCP, UDP
;* ip routes could be hijacked (like what happened to youtube)
+
** IP security issues
;* tcp sequence guessing (Is this a big deal? I'm not sure)
+
*** Snooping on ethernet
;What dns is :
+
*** ethernet arp spoofing
;  It matters because<nowiki>:</nowiki> your local dns could be hijacked to point you to fake sites
+
*** man in the middle attacks, ethernet arp spoofing
;                  : (some viruses install entries in the windows hosts file)
+
*** ip routes can be hijacked (like what happened to youtube)
;                  : your local dns could be cache poisoned
+
*** tcp sequence guessing (Is this a big deal? I'm not sure)
  
;domains :
+
* DNS
;              can be fake, or typo domains, or have been taken over when lapsed, or simply stolen (like what happened to comcast)
+
** What dns is
 +
*** Brief history
 +
** DNS security issues
 +
***your local dns could be hijacked to point you to fake sites
 +
***some viruses install entries in the windows hosts file
 +
***your local dns could be cache poisoned
  
; using a browser smartly :
+
* Domains
;: how to tell if you are using an encrytped session (some people believe lock icons 'on the page itself' even if the browser is showing an unlocked lock).
+
** can be fake
;: What browser warning certificate warning messages mean
+
** or typo domains
;: Cross site scripting (how do browser users defend against this?)
+
** or have been taken over when lapsed
;: How cookies allow sites like doubleclick to track you from site to site
+
** or simply stolen (like what happened to [http://it.slashdot.org/article.pl?sid=08/05/30/1233236 comcast])
;: Privacy Policies: They can say that a company will sell your information to whoever will pay for it (examples?)
+
 
;: Smart shopping: Using paypal, secure code, temporary credit card numbers
+
* Using a browser smartly :
;: Information to protect: Don't give out your social security number online! (what else?)
+
** how to tell if you are using an encrytped session (some people believe lock icons ''on the page itself'' even if the browser is showing an unlocked lock).
 +
** What browser warning certificate warning messages mean
 +
** Cross site scripting (how do browser users defend against this?)
 +
** How cookies allow sites like doubleclick to track you from site to site
 +
** Privacy Policies: They can say that a company will sell your information to whoever will pay for it (examples?)
 +
** Smart shopping: Using paypal, secure code, temporary credit card numbers
 +
** Information to protect: Don't give out your social security number online! (what else?)
 +
 
 +
==== How your computer works, and why you should care ====
 +
* What a program
 +
* The viruses of the DOS era
 +
* Word macro viruses
 +
* Modern malware
 +
* How the linux file permission module protects you
 +
** Will prevent system wide programs from being overwritten by users and the programs they run
 +
** Will not protect your home directory
 +
* How phishers get people to run malware programs

Revision as of 12:13, 27 August 2008

ISXUbuntu Developers page

Documentation

Right now the documentation is just a bare outline that needs to be filled in.

Developer Documentation

  • How to build an iso
  • How to run and test
    • Using xen
    • chroot
  • How to create a package file
    • How to create a package file for mozilla plugins


End user documentation

What ISXUbuntu is, and how to use it

  • What Ubuntu is, and how ISXUbuntu differs
  • How to harden a standard Ubuntu distribution to be like ISXUbuntu
  • Additional security measures we didn't include in ISXUbuntu

How the internet works and why you should care

  • IP
    • What IP is
      • Brief History
      • TCP, UDP
    • IP security issues
      • Snooping on ethernet
      • ethernet arp spoofing
      • man in the middle attacks, ethernet arp spoofing
      • ip routes can be hijacked (like what happened to youtube)
      • tcp sequence guessing (Is this a big deal? I'm not sure)
  • DNS
    • What dns is
      • Brief history
    • DNS security issues
      • your local dns could be hijacked to point you to fake sites
      • some viruses install entries in the windows hosts file
      • your local dns could be cache poisoned
  • Domains
    • can be fake
    • or typo domains
    • or have been taken over when lapsed
    • or simply stolen (like what happened to comcast)
  • Using a browser smartly :
    • how to tell if you are using an encrytped session (some people believe lock icons on the page itself even if the browser is showing an unlocked lock).
    • What browser warning certificate warning messages mean
    • Cross site scripting (how do browser users defend against this?)
    • How cookies allow sites like doubleclick to track you from site to site
    • Privacy Policies: They can say that a company will sell your information to whoever will pay for it (examples?)
    • Smart shopping: Using paypal, secure code, temporary credit card numbers
    • Information to protect: Don't give out your social security number online! (what else?)

How your computer works, and why you should care

  • What a program
  • The viruses of the DOS era
  • Word macro viruses
  • Modern malware
  • How the linux file permission module protects you
    • Will prevent system wide programs from being overwritten by users and the programs they run
    • Will not protect your home directory
  • How phishers get people to run malware programs