Brought to my attention recently.
I am not too well versed with Linux lingo, but a backdoor was discovered concerning the XZ repository.
I do not see much talk about Void Linux, but is it possible Void might have been affected by this backdoor?
If so, how to remedy it?
(2024) Linux Backdoor
Re: (2024) Linux Backdoor
Hello Bismuth,
Both xz and liblzma were reverted to versions accepted by all other Linux distros to be free from questionable contributions.
The pull request can be found here.
Be sure to update your XBPS repository and update packages. Additionally, if you build anything using xbps-src, be sure to pull the latest from the void-packages GitHub repo.
Linux/BSD since 2001. Void Linux+KDE/Plasma since 2015. Windows? Not even in a virtual machine
Re: (2024) Linux Backdoor
To the best of my understanding, I followed the guidebook and entered twice into the terminal "# xbps-install -Su" to update everything. If I missed anything, please inform me.
Another thing I thought to concern myself with is securing SSH. I looked into fail2ban, but how would one go about securing SSH on Void?
I found this article:
https://www.zdnet.com/article/5-tips-fo ... r-desktop/
But I am not too well-versed on how to implement this strategy on Void. Main thing is I do not want remote logins on my PC, and if it's impossible to prevent that, at least make it really really hard to do so.
Re: (2024) Linux Backdoor
If you don't want remote logins on your PC the best solution is to disable any services allowing such logins.
Disable SSHd server:
Code:
unlink /var/service/sshd
Enable the ufw firewall and deny any incoming connection:
Code:
sudo xbps-install -S ufw
sudo ln -s /etc/sv/ufw /var/service
sudo ufw enable
sudo ufw default deny incoming
If you do wish to keep SSH access from a local LAN, you can keep SSHd enabled and add an allow rule:
Code:
sudo ufw allow from 192.168.1.0/24 to any port 22 proto tcp
In the above example, any device from the RFC1918 (aka Private) subnet of 192.168.1.1-192.168.1.254 can access SSH.
In addition, use strong passwords.
I leave SSH enabled on my laptop even when travelling and on many hotel WiFi networks. Since sometimes the hotel networks assign the same RFC1918 subnet that you allowed in the above firewall pinhole, you can use the LIMIT pinhole which limits the number of new connections per unit of time. In my case:
Code:
sudo ufw limit ssh
You can also narrow this down, like before, to a specific device IP or subnet:
Code:
sudo ufw limit from 192.168.1.0/24 to any port 22 proto tcp
SSH on a non-default port configuration is the same as your linked article mentioned, except to restart the service use:
Code:
sv restart sshd
Linux/BSD since 2001. Void Linux+KDE/Plasma since 2015. Windows? Not even in a virtual machine
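A check for the firewall posture described in the reply above, as an added example that is not part of the original posts: it audits `ufw status verbose` text for an active firewall, a default-deny incoming policy and any SSH rule open to Anywhere, and tests for the runit sshd service link. The function names `audit_ufw` and `sshd_enabled` are hypothetical, and the sample status text is constructed to follow the layout ufw prints.

```shell
#!/bin/sh
# Added example. audit_ufw reads `ufw status verbose` text on stdin, prints
# findings and returns 1 on any FAIL. Function names are hypothetical.
audit_ufw() {
    awk '
    { gsub(/ \(v6\)/, "") }   # fold IPv6 rows into the IPv4 row shape
    /^Status:/  { active = ($2 == "active") }
    /^Default:/ { deny_in = ($2 == "deny" && $3 ~ /^\(incoming\)/) }
    $1 ~ /^(22|22\/tcp|ssh)$/ {
        seen = 1
        if ($2 == "ALLOW" && $NF == "Anywhere") {
            print "FAIL: SSH allowed from Anywhere"; bad = 1
        } else if ($2 == "LIMIT" && $NF == "Anywhere") {
            print "INFO: SSH rate-limited but reachable from Anywhere"
        } else {
            print "OK: SSH " $2 " from " $NF
        }
    }
    END {
        if (!active)  { print "FAIL: ufw is not active"; bad = 1 }
        if (!deny_in) { print "FAIL: default incoming policy is not deny"; bad = 1 }
        if (!seen)    { print "OK: no SSH rule, default policy applies to port 22" }
        exit bad + 0
    }'
}

# Returns 0 if an sshd entry exists in the runit service directory
# (default /var/service, the path used in the post).
sshd_enabled() {
    [ -e "${1:-/var/service}/sshd" ] || [ -L "${1:-/var/service}/sshd" ]
}

# Constructed sample: the LAN-limited rule from the post plus a stray
# world-open rule that the audit should flag.
SAMPLE='Status: active
Logging: on (low)
Default: deny (incoming), allow (outgoing), disabled (routed)
New profiles: skip

To                         Action      From
--                         ------      ----
22/tcp                     LIMIT IN    192.168.1.0/24
22/tcp                     ALLOW IN    Anywhere
22/tcp (v6)                ALLOW IN    Anywhere (v6)'

printf '%s\n' "$SAMPLE" | audit_ufw || echo "posture check failed"
```

On a live system the same function can be fed with `sudo ufw status verbose | audit_ufw`.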