ubuntu-phone team mailing list archive
Mailing list archive
Re: Is ubuntu phone resistant to vault 7 attacks?
On Thu, Mar 9, 2017 at 2:15 PM, Matthias Apitz <guru@xxxxxxxxxxx> wrote:
> El día Thursday, March 09, 2017 a las 09:35:35AM +0200, Simos Xenitellis escribió:
>> On Tue, Mar 7, 2017 at 9:54 PM, Bruce <bruce.griffis@xxxxxxxxx> wrote:
>> > And I'm thinking "no."
>> > I am not aware of a firewall being ported to Ubuntu Phone. Perhaps ufw is
>> > built in, and we just need gufw to configure it?
>> Are there any network ports open on Ubuntu Touch? What need would the
>> firewall have
>> if no network ports are open?
> Yes, there are:
> $ netstat -an | egrep 'LISTEN '
> tcp 0 0 127.0.1.1:53 0.0.0.0:* LISTEN
> tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN
> tcp 0 0 0.0.0.0:8888 0.0.0.0:* LISTEN
> tcp6 0 0 :::22 :::* LISTEN
> port 22 is for SSH; on port 8888 I have started a python httpd to serve
> uNav with prefetched tiles; would be good to limit access to both with
> some firewall;
uNav could simply just bind to localhost, no?
SSH has been enabled intentionally (through hoops) by running "sudo
android-gadget-service enable ssh",
with the purpose of the phone being accessible by other devices.
AFAIK, it only supports SSH public key authentication anyway.
Port 53 is for DNS, and it binds to localhost. So it's fine.