Linux Ubuntu and Security Vulnerabilities

Discussion in 'other security issues & news' started by Mr. Y, Mar 22, 2008.

Thread Status:
Not open for further replies.
  1. Mr. Y

    Mr. Y Registered Member

    Joined:
    Jan 11, 2006
    Posts:
    257
    I am concerned about potential Ubuntu security vulnerabilities.

    Apparently AVAHI is a native service on Ubuntu with the following properties:

    "Avahi is a free Zeroconf implementation, including a system for multicast DNS/DNS-SD service discovery. It allows programs to publish and discover services and hosts running on a local network with no specific configuration. For example you can plug into a network and instantly find printers to print to, files to look at and people to talk to."

    Since my computer is a home computer and NOT a server, it is to my advantage to disable AVAHI.

    Are there any other security vulnerabilities that I should disable?
     
  2. Mrkvonic

    Mrkvonic Linux Systems Expert

    Joined:
    May 9, 2005
    Posts:
    9,239
    Hello,

    Avahi works on a local network. If you can't trust the local network, then you should think twice about connection to other machines - this is a general statement, not related to any OS in particular.

    Furthermore, like any app / program / service, it gets periodically updated, so vulnerabilties should be covered there.

    Third, it runs with little privileges, so no worries there.

    From reading avahi vulnerabilities in the last 3 years, there have been only a few, mostly low risk, almost all locally exploitable.

    Read this:
    http://avahi.org/wiki/SecurityConsiderations

    Especially the point ...
    - Please keep in mind that Avahi is mostly used in local area networks and that it ignores traffic from non-local networks.

    Lastly, run nmap on your localhost to see what ports are open.

    All in all, I would not sweat it.

    Mrk
     
  3. Mr. Y

    Mr. Y Registered Member

    Joined:
    Jan 11, 2006
    Posts:
    257
    Thankyou for the reply!

    Can I disable it without causing future problems? (I don't see why I need avahi)
     
Loading...
Thread Status:
Not open for further replies.
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.