ISXUbuntu/Documentation
From Wiki
Contents
ISXUbuntu Documentation
Right now the documentation is just a bare outline that needs to be filled in. This wiki should serve as a place to gather all the information into one place. We will worry about making it presentable to end users later.
Developer Documentation
- How to use Cloudsmith
- Requires java
- How to build an iso
- How to run and test
- Using xen
- chroot
- How to create a package file
- Debian Maintainers Guide has documentation
- Using Alien to convert between package types
- How to create a package file for mozilla plugins
End user documentation
What ISXUbuntu is, and how to use it
- What Linux/Ubuntu is
- Why it is secure
- How ISXUbuntu differs
- List changes we made, and why we did them
- How to harden a standard Ubuntu distribution to be like ISXUbuntu
- Additional security measures we didn't include in ISXUbuntu
How the internet works and why you should care
- IP
- What IP is
- Brief History
- TCP, UDP
- IP security issues
- Snooping on ethernet
- ethernet arp spoofing
- man in the middle attacks, ethernet arp spoofing
- ip routes can be hijacked (like what happened to youtube)
- tcp sequence guessing (Is this a big deal? I'm not sure)
- What IP is
- DNS
- What dns is
- Brief history
- DNS security issues
- your local dns could be hijacked to point you to fake sites
- some viruses install entries in the windows hosts file
- your local dns could be cache poisoned
- What dns is
- Domains
- can be fake
- or typo domains
- or have been taken over when lapsed
- or simply stolen (like what happened to comcast)
- Malware can be added to an otherwise trusted site. For example http://citibank.com/vx123.exe should not be trusted, even if it comes from the Citibank web site
- Using a browser smartly
- how to tell if you are using an encrypted session (some people believe lock icons on the page itself even if the browser is showing an unlocked lock).
- What browser warning certificate warning messages mean
- Cross site scripting (how do browser users defend against this?)
- How cookies allow sites like doubleclick to track you from site to site
- Privacy Policies: They can say that a company will sell your information to whoever will pay for it (examples?)
- Smart shopping: Using paypal, secure code, temporary credit card numbers
- Information to protect: Don't give out your social security number online! (what else?)
How your computer works, and why you should care
- What a program is
- The viruses of the DOS era
- Word macro viruses
- Modern malware
- How the linux file permission module protects you
- Will prevent system wide programs from being overwritten by users and the programs they run
- Will not protect your home directory
- How phishers get people to run malware programs