[QCLUG] Virus in Ubuntu
Dave Bergert
dbergert@gmail.com
Thu, 15 May 2008 08:37:21 -0500
>>
> It's all Greek to me. I can only understand a little of this post as
> I don't know most of the terms used. I have just installed Ubuntu
> 8.04 on a formatted drive. The only thing that is encrypted is my
> password and wallet as far as I know. I haven't encrypted my drives
> or any files.
> Is this something I should be concerned about? Should I be taking
> action to change something or will an update from Ubuntu take care
> of it for me?
You will wanted to keep your system updated -- on my debian 4.0 - I did:
#apt-get update
#apt-get upgrade
followed by an:
#apt-get dist-upgrade
There were new open-ssh-client and open-ssh-server packages, as well
as updated libssl - the setup scripts created new keys for me for
ssh. I also created a SSL certification on my server (running etch)
so I will need to create a new one.
This vulnerability will typically affect any users that "ssh" into
their box across the network, or have a debian or ubuntu system setup
as a server (VPN, SSL email, https server) and doesn't really impact
desktop users too much.
A full list of applications affected is located on this page along
with more gory technical details:)
http://wiki.debian.org/SSLkeys
--Dave Bergert
>
> Thanks for the information.
> Bob Jones
> _______________________________________________
> QCLUG mailing list
> QCLUG@qclug.org
> http://qclug.org/mailman/listinfo/qclug
Dave Bergert
dbergert@gmail.com