Linux Ubuntu and Security Vulnerabilities

Discussion in 'other security issues & news' started by Mr. Y, Mar 22, 2008.

Thread Status:
Not open for further replies.
  1. Mr. Y

    Mr. Y Registered Member

    Joined:
    Jan 11, 2006
    Posts:
    257
    I am concerned about potential Ubuntu security vulnerabilities.

    Apparently AVAHI is a native service on Ubuntu with the following properties:

    "Avahi is a free Zeroconf implementation, including a system for multicast DNS/DNS-SD service discovery. It allows programs to publish and discover services and hosts running on a local network with no specific configuration. For example you can plug into a network and instantly find printers to print to, files to look at and people to talk to."

    Since my computer is a home computer and NOT a server, it is to my advantage to disable AVAHI.

    Are there any other security vulnerabilities that I should disable?
     
  2. Mrkvonic

    Mrkvonic Linux Systems Expert

    Joined:
    May 9, 2005
    Posts:
    8,695
    Hello,

    Avahi works on a local network. If you can't trust the local network, then you should think twice about connection to other machines - this is a general statement, not related to any OS in particular.

    Furthermore, like any app / program / service, it gets periodically updated, so vulnerabilties should be covered there.

    Third, it runs with little privileges, so no worries there.

    From reading avahi vulnerabilities in the last 3 years, there have been only a few, mostly low risk, almost all locally exploitable.

    Read this:
    http://avahi.org/wiki/SecurityConsiderations

    Especially the point ...
    - Please keep in mind that Avahi is mostly used in local area networks and that it ignores traffic from non-local networks.

    Lastly, run nmap on your localhost to see what ports are open.

    All in all, I would not sweat it.

    Mrk
     
  3. Mr. Y

    Mr. Y Registered Member

    Joined:
    Jan 11, 2006
    Posts:
    257
    Thankyou for the reply!

    Can I disable it without causing future problems? (I don't see why I need avahi)
     
Loading...
Thread Status:
Not open for further replies.