How to compromise your IPFire system in two easy steps

This is a well-meant guide from the IPFire development team. Of course, every IPFire system belongs to the person who set it up, and you are free (as in free speech) to do whatever you want with it. However, we would like to give you a couple of things to think about first...

Download & Run Third-Party Software

This is how to compromise your system in two easy steps:

  • Download software from the Internet
  • Run it
  • Boom! You are owned

We would like to urge you to never ever do this. We spend so much time on auditing every single line of code that goes into IPFire; we pick certain versions of software because it is most compatible; we patch software to make it work better in IPFire; and in the end we cryptographically sign all releases so that no third party can change any of this and inject anything unwanted.

In order to keep your system secure...

  • Only install packages using pakfire
  • Do not download any packages from the Internet; they will break your system sooner or later and you will never receive updates for them
  • Do not run commands on the command line interface unless you know what you are doing
  • Keep your system up to date by installing all updates using pakfire

It could not be easier to get malware onto a system than having the administrator install it themselves.

Edit Page ‐ Yes, you can edit!

Older Revisions • June 22 at 11:58 am • Michael Tremer