Difference between revisions of "ISXUbuntu/Documentation"

From Wiki
Jump to: navigation, search
(Developer Documentation)
 
(4 intermediate revisions by the same user not shown)
Line 1: Line 1:
= ISXUbuntu Developers page =
+
= ISXUbuntu Documentation =
  
== Documentation ==
+
Right now the documentation is just a bare outline that needs to be filled in. This wiki should serve as a place to gather all the information into one place.  We will worry about making it presentable to end users later.
  
Right now the documentation is just a bare outline that needs to be filled in.
+
== Developer Documentation ==
  
=== Developer Documentation ===
+
This is information useful to developers, whether we use it in ISXUbuntu or not
  
*How to build an iso
+
*How to use [http://www.cloudsmith.com/ Cloudsmith] (for side projects)
 +
** Requires java
 +
*How to use [http://www.gentoo.org/proj/en/releng/catalyst/index.xml Catalyst]
 +
*How to take apart and rebuild an iso
 
*How to run and test
 
*How to run and test
 
**Using xen
 
**Using xen
 
**chroot
 
**chroot
 
*How to create a package file
 
*How to create a package file
 +
** [http://www.debian.org/doc/manuals/maint-guide/index.en.html Debian Maintainers Guide] has documentation
 +
** Using [http://en.wikipedia.org/wiki/Alien_(computing) Alien] to convert between package types
 
** How to create a package file for mozilla plugins
 
** How to create a package file for mozilla plugins
  
 +
== End user documentation ==
  
=== End user documentation ===
+
=== What ISXUbuntu is, and how to use it ===
 
+
* What Linux/Ubuntu is
==== What ISXUbuntu is, and how to use it ====
+
**Why it is secure
* What Ubuntu is, and how ISXUbuntu differs
+
*How ISXUbuntu differs
 +
**List changes we made, and why we did them
 
* How to harden a standard Ubuntu distribution to be like ISXUbuntu
 
* How to harden a standard Ubuntu distribution to be like ISXUbuntu
 
* Additional security measures we didn't include in ISXUbuntu
 
* Additional security measures we didn't include in ISXUbuntu
  
==== How the internet works and why you should care ====
+
=== How the internet works and why you should care ===
 
* IP
 
* IP
 
** What IP is
 
** What IP is
Line 47: Line 54:
 
** or have been taken over when lapsed
 
** or have been taken over when lapsed
 
** or simply stolen (like what happened to [http://it.slashdot.org/article.pl?sid=08/05/30/1233236 comcast])
 
** or simply stolen (like what happened to [http://it.slashdot.org/article.pl?sid=08/05/30/1233236 comcast])
 +
** Malware can be added to an otherwise trusted site. For example <nowiki>http://citibank.com/vx123.exe</nowiki> should not be trusted, even if it comes from the Citibank web site
  
* Using a browser smartly :
+
* Using a browser smartly
** how to tell if you are using an encrytped session (some people believe lock icons ''on the page itself'' even if the browser is showing an unlocked lock).
+
** how to tell if you are using an encrypted session (some people believe lock icons ''on the page itself'' even if the browser is showing an unlocked lock).
 
** What browser warning certificate warning messages mean
 
** What browser warning certificate warning messages mean
 
** Cross site scripting (how do browser users defend against this?)
 
** Cross site scripting (how do browser users defend against this?)
Line 57: Line 65:
 
** Information to protect: Don't give out your social security number online! (what else?)
 
** Information to protect: Don't give out your social security number online! (what else?)
  
==== How your computer works, and why you should care ====
+
=== How your computer works, and why you should care ===
* What a program
+
* What a program is
 
* The viruses of the DOS era
 
* The viruses of the DOS era
 
* Word macro viruses
 
* Word macro viruses

Latest revision as of 16:31, 27 August 2008

ISXUbuntu Documentation

Right now the documentation is just a bare outline that needs to be filled in. This wiki should serve as a place to gather all the information into one place. We will worry about making it presentable to end users later.

Developer Documentation

This is information useful to developers, whether we use it in ISXUbuntu or not

  • How to use Cloudsmith (for side projects)
    • Requires java
  • How to use Catalyst
  • How to take apart and rebuild an iso
  • How to run and test
    • Using xen
    • chroot
  • How to create a package file

End user documentation

What ISXUbuntu is, and how to use it

  • What Linux/Ubuntu is
    • Why it is secure
  • How ISXUbuntu differs
    • List changes we made, and why we did them
  • How to harden a standard Ubuntu distribution to be like ISXUbuntu
  • Additional security measures we didn't include in ISXUbuntu

How the internet works and why you should care

  • IP
    • What IP is
      • Brief History
      • TCP, UDP
    • IP security issues
      • Snooping on ethernet
      • ethernet arp spoofing
      • man in the middle attacks, ethernet arp spoofing
      • ip routes can be hijacked (like what happened to youtube)
      • tcp sequence guessing (Is this a big deal? I'm not sure)
  • DNS
    • What dns is
      • Brief history
    • DNS security issues
      • your local dns could be hijacked to point you to fake sites
      • some viruses install entries in the windows hosts file
      • your local dns could be cache poisoned
  • Domains
    • can be fake
    • or typo domains
    • or have been taken over when lapsed
    • or simply stolen (like what happened to comcast)
    • Malware can be added to an otherwise trusted site. For example http://citibank.com/vx123.exe should not be trusted, even if it comes from the Citibank web site
  • Using a browser smartly
    • how to tell if you are using an encrypted session (some people believe lock icons on the page itself even if the browser is showing an unlocked lock).
    • What browser warning certificate warning messages mean
    • Cross site scripting (how do browser users defend against this?)
    • How cookies allow sites like doubleclick to track you from site to site
    • Privacy Policies: They can say that a company will sell your information to whoever will pay for it (examples?)
    • Smart shopping: Using paypal, secure code, temporary credit card numbers
    • Information to protect: Don't give out your social security number online! (what else?)

How your computer works, and why you should care

  • What a program is
  • The viruses of the DOS era
  • Word macro viruses
  • Modern malware
  • How the linux file permission module protects you
    • Will prevent system wide programs from being overwritten by users and the programs they run
    • Will not protect your home directory
  • How phishers get people to run malware programs