Difference between revisions of "ISXUbuntu/Documentation"

From Wiki
Jump to: navigation, search
(Developer Documentation)
(ISXUbuntu Developers page)
Line 1: Line 1:
= ISXUbuntu Developers page =
+
= ISXUbuntu Documentation =
  
== Documentation ==
+
Right now the documentation is just a bare outline that needs to be filled in. This wiki should serve as a place to gather all the information into one place.  We will worry about making it presentable to end users later.
  
Right now the documentation is just a bare outline that needs to be filled in.
+
== Developer Documentation ==
 
+
=== Developer Documentation ===
+
  
 
*How to use Cloudsmith
 
*How to use Cloudsmith
Line 16: Line 14:
 
** How to create a package file for mozilla plugins
 
** How to create a package file for mozilla plugins
  
=== End user documentation ===
+
== End user documentation ==
  
==== What ISXUbuntu is, and how to use it ====
+
=== What ISXUbuntu is, and how to use it ===
* What Ubuntu is, and how ISXUbuntu differs
+
* What Linux/Ubuntu is
 +
**Why it is secure
 +
*How ISXUbuntu differs
 +
**List changes we made, and why we did them
 
* How to harden a standard Ubuntu distribution to be like ISXUbuntu
 
* How to harden a standard Ubuntu distribution to be like ISXUbuntu
 
* Additional security measures we didn't include in ISXUbuntu
 
* Additional security measures we didn't include in ISXUbuntu
  
==== How the internet works and why you should care ====
+
=== How the internet works and why you should care ===
 
* IP
 
* IP
 
** What IP is
 
** What IP is
Line 48: Line 49:
 
** or have been taken over when lapsed
 
** or have been taken over when lapsed
 
** or simply stolen (like what happened to [http://it.slashdot.org/article.pl?sid=08/05/30/1233236 comcast])
 
** or simply stolen (like what happened to [http://it.slashdot.org/article.pl?sid=08/05/30/1233236 comcast])
 +
** Malware can be added to an otherwise trusted site. For example <nowiki>http://citibank.com/vx123.exe</nowiki> should not be trusted, even if it comes from the Citibank web site
  
* Using a browser smartly :
+
* Using a browser smartly
** how to tell if you are using an encrytped session (some people believe lock icons ''on the page itself'' even if the browser is showing an unlocked lock).
+
** how to tell if you are using an encrypted session (some people believe lock icons ''on the page itself'' even if the browser is showing an unlocked lock).
 
** What browser warning certificate warning messages mean
 
** What browser warning certificate warning messages mean
 
** Cross site scripting (how do browser users defend against this?)
 
** Cross site scripting (how do browser users defend against this?)
Line 58: Line 60:
 
** Information to protect: Don't give out your social security number online! (what else?)
 
** Information to protect: Don't give out your social security number online! (what else?)
  
==== How your computer works, and why you should care ====
+
=== How your computer works, and why you should care ===
* What a program
+
* What a program is
 
* The viruses of the DOS era
 
* The viruses of the DOS era
 
* Word macro viruses
 
* Word macro viruses

Revision as of 14:06, 27 August 2008

ISXUbuntu Documentation

Right now the documentation is just a bare outline that needs to be filled in. This wiki should serve as a place to gather all the information into one place. We will worry about making it presentable to end users later.

Developer Documentation

  • How to use Cloudsmith
    • Requires java
  • How to build an iso
  • How to run and test
    • Using xen
    • chroot
  • How to create a package file
    • How to create a package file for mozilla plugins

End user documentation

What ISXUbuntu is, and how to use it

  • What Linux/Ubuntu is
    • Why it is secure
  • How ISXUbuntu differs
    • List changes we made, and why we did them
  • How to harden a standard Ubuntu distribution to be like ISXUbuntu
  • Additional security measures we didn't include in ISXUbuntu

How the internet works and why you should care

  • IP
    • What IP is
      • Brief History
      • TCP, UDP
    • IP security issues
      • Snooping on ethernet
      • ethernet arp spoofing
      • man in the middle attacks, ethernet arp spoofing
      • ip routes can be hijacked (like what happened to youtube)
      • tcp sequence guessing (Is this a big deal? I'm not sure)
  • DNS
    • What dns is
      • Brief history
    • DNS security issues
      • your local dns could be hijacked to point you to fake sites
      • some viruses install entries in the windows hosts file
      • your local dns could be cache poisoned
  • Domains
    • can be fake
    • or typo domains
    • or have been taken over when lapsed
    • or simply stolen (like what happened to comcast)
    • Malware can be added to an otherwise trusted site. For example http://citibank.com/vx123.exe should not be trusted, even if it comes from the Citibank web site
  • Using a browser smartly
    • how to tell if you are using an encrypted session (some people believe lock icons on the page itself even if the browser is showing an unlocked lock).
    • What browser warning certificate warning messages mean
    • Cross site scripting (how do browser users defend against this?)
    • How cookies allow sites like doubleclick to track you from site to site
    • Privacy Policies: They can say that a company will sell your information to whoever will pay for it (examples?)
    • Smart shopping: Using paypal, secure code, temporary credit card numbers
    • Information to protect: Don't give out your social security number online! (what else?)

How your computer works, and why you should care

  • What a program is
  • The viruses of the DOS era
  • Word macro viruses
  • Modern malware
  • How the linux file permission module protects you
    • Will prevent system wide programs from being overwritten by users and the programs they run
    • Will not protect your home directory
  • How phishers get people to run malware programs