Revision as of 11:58, 27 August 2008

ISXUbuntu Developers page

Documentation

Right now the documentation is just a bare outline that needs to be filled in.

Developer Documentation

• How to build an iso
• How to run and test
  • Using xen
  • chroot
• How to create a package file
  • How to create a package file for mozilla plugins

End user documentation

What ISXUbuntu is, and how to use it

• What Ubuntu is, and how ISXUbuntu differs
• How to harden a standard Ubuntu distribution to be like ISXUbuntu
• Additional security measures we didn't include in ISXUbuntu

How the internet works and why you should care

What ip is 

 

Cover these issues:

 

• Snooping on ethernet
• man in the middle attacks, ethernet arp spoofing
• ip routes could be hijacked (like what happened to youtube)
• tcp sequence guessing (Is this a big deal? I'm not sure)

What dns is 

It matters because: your local dns could be hijacked to point you to fake sites

 

(some viruses install entries in the windows hosts file)

 

your local dns could be cache poisoned

domains 

can be fake, or typo domains, or have been taken over when lapsed, or simply stolen (like what happened to comcast)

using a browser smartly 

how to tell if you are using an encrytped session (some people believe lock icons 'on the page itself' even if the browser is showing an unlocked lock).

What browser warning certificate warning messages mean

Cross site scripting (how do browser users defend against this?)

How cookies allow sites like doubleclick to track you from site to site

Privacy Policies: They can say that a company will sell your information to whoever will pay for it (examples?)

Smart shopping: Using paypal, secure code, temporary credit card numbers

Information to protect: Don't give out your social security number online! (what else?)