Tag: security

By Mario Pesce

Introduction

When, a few years ago, I decided to move from Windows to Linux, I created separate partitions for Linux on my machine and booted from Lilo or Grub into either Windows or Linux, according to job requirements.

I normally used my laptop PC during the day in a company that had a Windows based LAN and therefore I normally had to boot in Windows during the day whereas I would boot into either Windows or Linux at home. This approach has a few disadvantages as follows:

  • My work e-mails were in Microsoft Outlook and I had to boot under Windows to access them.
    I used KMail (and later Mozilla Thunderbird) for my personal e-mails and I had to boot under Linux to access them.
  • I could access Windows folders from Linux and copy data, but I could not access any of the Linux folders from Windows.

I concluded that there should have been a better way to use my PC and I looked for a solution to access both Linux and Windows applications without rebooting.

I investigated some of the available products. I found that Wine or CodeWeavers CrossOver supported most common Microsoft Windows applications, but some others would not work. VMware looked interesting, but finally I decided to buy Win4Lin, originally developed by Netraverse to support only Windows 95, 98 or ME, even though it allowed me to install and use many more recent applications, such as Office 2000 or others developed for XP, without a glitch.

Some good advantages that I found in Win4Lin are the following:

  • Win4Lin has a very small overhead and pretty good performance. I discovered, after the installation, that sometimes applications run faster under Win4Lin than in the original Windows environment. The performance is due to the fact that Win4Lin is not really an emulator; it creates an environment where Windows applications run in native mode. This is done by providing modules that allow Windows to run as a Linux process.
  • The installation of Win4Lin is pretty straightforward.

Recently I had to install Linux on a new machine and I decided to install both a new OpenSUSE 11.0 distribution and the new version of Win4LinPro that now supports Windows 2000 and XP (according to the company Vista should also be supported in future).

The objective of this report is to give you an overview of the new Win4LinPro application and of the approach that I followed to migrate my dual boot machine to a single boot system.

Installing Win4LinPro

Win4LinPro is now distributed and supported by Virtual Bridges. You can easily order it online at the Win4Lin.com site and download either an ISO version or one of the Debian or RPM packages. Virtual Bridges confirms the order with an e-mail which includes also the licence code that must be entered during the installation.

Since I had an RPM based Linux distribution (OpenSuSE 11.0), I downloaded the RPM package. I checked the instructions in the UserManual, which require the gcc and kernel-source packages to be pre-installed, and then I could install the RPM without any problems.

The installation procedure of the original Win4Lin was more complex because it required downloading a special Netraverse-enabled kernel for each distribution. The new installer does not require this step because it automatically compiles and installs the kernel modules needed to support Win4LinPro.

The Windows installation has also become simpler. The original product required copying files from your Windows 95, 98 or ME CD to disk and then installing Windows. In the new version you can use the win4console command to request a Windows session installation and to define how it should be performed (installation directory, installation media etc.). You can specify that you want to install from the XP CD and the installation is performed as if it were a normal XP installation. The win4console also allows multiple copies of Windows to be installed, and the system allows two of them to run concurrently (this could be useful if you want to have a Windows XP and a Windows 2000 session).

After the installation is complete, if you have used the defaults, you will find a Windows icon on your desktop and you can use it to start or shut-down your Windows session terminal. Alternatively you can use the win4 shell command.

You can install new applications in Windows in the same way as you would do with a normal Windows system. I installed various applications such as Microsoft Office, Acrobat Reader, Eudora, HotMetal PRO and a new version of Internet Explorer without any problem.

I had some problems with the original installation when using a COM device for a dial-up connection. The new version allows Windows to connect to almost any type of Ethernet network from regular Internet access to Active Directory authentication, and anything in between.

Using Win4LinPro

Win4LinPro creates an interesting Windows environment which is pretty well integrated with Linux.

The personal Windows environment is normally created by Win4LinPro in the home directory of the user who performs the installation. When the installation is complete, you will find two image files with the .IMG suffix which are used by Windows as the C: drive (used to store Windows programs and data) and the D: drive (used to store user settings).

By default Win4LinPro automatically configures shared folders so that Windows can access Linux files and Linux can access Windows files. Your Linux home directory is accessible from the Windows HOSTHOME path. You can also use the shared documents directory from Windows by double clicking on the Windows My Documents icon and accessing the path HOSTDocuments.

The Win4LinPro environment is surely much better integrated with Linux than a native Windows installation and you will have at your disposal the power of Linux and Windows applications without any need to reboot.

Moreover Win4LinPro offers greater virus protection than a stand-alone Windows installation. You can easily save your Windows directory as a tar archive and many viruses will not have any effect as explained below:

  • Boot sector or other boot time viruses. There is no Windows boot sector and therefore they are ineffective.
  • FAT32, VFAT or NTFS related viruses. Win4Lin installs Windows files in subdirectories of the Linux filesystem and therefore these viruses are ineffective.
  • Executable file viruses. These can still attack, but will not affect the Linux system.
  • Macro viruses. These can still attack Windows macros, but you can use Linux permissions to make them write protected.

Another protection is given by the snapshot running mode, which ensures that data in the C: virtual drive cannot be changed.

Win4Lin Limitations and Peculiarities. The following main points should be considered:

    • Win4Lin offers different networking options that you can choose during installation and modify later (if needed). The basic TCP/IP and UDP/IP networking is the most secure and provides the best use of resources. If you need more advanced networking options you can use the NAT networking or the Bridged networking options, which are well explained in the UserManual.
    • Win4Lin does not support direct Windows access to USB devices. However, if they are configured in Linux, they can be accessed indirectly (you can use the My Host Computer function from the start menu to access devices mounted automatically by Linux).

Removing the original Window partition

One negative point of having both an original Windows partition and the Win4Lin installation is the waste of space (for instance I had MS Office applications installed on both partitions). This setup could offer better security in case of problems with either the Windows or the Linux installation but, at some point, I decided that I could make better use of the disk space and work without dual booting, with Linux and Windows under Win4LinPro.

To avoid losing useful data, I performed the following activities:

  • I identified the Outlook mail boxes by using the Windows Find option with “*.pst” and copied them to the Win4LinPro environment.
  • I identified the Outlook Express mail boxes by using the Windows Find option with “*.dbx” and copied them to the Win4LinPro environment.
  • I identified my Eudora mail boxes (used for my personal mail) by using the Windows Find option with “*.mbx” and copied them to the Win4LinPro environment.
  • I found the ‘Favorites’ folder used by Internet Explorer and I copied it and its sub-folders to the Win4LinPro environment.
  • I copied the ‘My Documents’ folder and all other folders that I used in my Windows environment.

Making the above copies in the Win4LinPro environment is relatively easy, because Win4LinPro can access mnt directly. You can mount the original Windows partition in the Linux /mnt directory by using a command such as:

$ sudo mount /dev/sdb3 /media/windows -t vfat -o umask=000

Once the partition is mounted, you can access it in the Win4LinPro Windows session in the mnt Windows folder.

Once I was satisfied that all important data existed in the Win4LinPro environment, I decided to reformat the Windows partition and copy my Linux /home directory, that was included in the main root hierarchy, to a separate partition. This activity is described in detail below.

Using the freed partition for Linux

A good description of how to move /home to a different partition can be found in a tutorial by Daniel Robbins at IBM DeveloperWorks. The main steps are as follows:

  • Create a filesystem in the new partition by using a command such as mkfs /dev/???
  • Mount the new filesystem in /mnt with a command such as mount /dev/??? /mnt/newhome
  • Drop to single user mode (init 1)
  • Change to the current home directory and enter a copy command such as cp -ax * /mnt/newhome. The -a option makes cp copy recursively while preserving all file attributes, and -x keeps it on the current filesystem.
  • Rename the old /home to /home.old by using the command mv /home /home.old and mount the new one with mount /dev/??? /home.

When you are sure that everything works correctly, you can remove the /home.old directory.

Conclusions

I believe that the approach described above allows an optimal use of both Linux and Windows resources.

It is often difficult to use only Linux, because one normally has to work in Windows based LANs, interact with other Windows or Linux users or just because one is too lazy to learn new applications instead of those normally used in a Windows environment.

A dual-boot system is inconvenient to use. The solution proposed above allows a much better usage of the computer resources and time.

Mario Pesce – Computer consultant

email: mario@datamission.co.uk

blog: http://mariopesceuk.blogspot.com/


Which Operating System is More Functional – Windows Or UNIX (Linux)?

By Charles S Taylor

Choosing an efficient operating system depends on several factors. Whether it is for personal use or for office use, choosing the OS platform is a vital part of a long-term plan, as it can’t be changed often. You need to consider your requirements, both short-term and long-term, and the features of Windows and UNIX before choosing the OS.

The following are some of the important features and properties of the two operating systems that will help you to understand them better.

1. Multi-User System: Windows OS is designed to be used by one person at a time, whereas multiple persons can share UNIX OS at a time in a network.

2. Security: Windows users are burdened with the need for anti-virus and anti-spyware software. On the other side, for UNIX it is not required, as it is more secure than Windows.

3. Bugs: UNIX has a reputation for fewer bugs (programming mistakes) than Windows.

4. Performance: Under low-stress conditions, both have similar performance. However, under high load, UNIX is superior to Windows.

5. Simplicity: To operate UNIX OS we need a little knowledge of Character User Interface, whereas it is very simple to operate Windows OS.

6. Compatibility: If you designed a website under a UNIX server you can easily host it on the Windows server, but the reverse is not always possible.

7. Website Hosting: If you want to use MySQL as backend then go for UNIX. If you need MSSQL as backend then Windows OS is a better option.

8. Application Software: You will get Application software along with UNIX OS package, whereas with Windows you won’t get it.

9. Run the OS without installing it: UNIX can be run from a Live CD without installing it. Windows cannot run until it is installed on the hard disk.

10. File System: UNIX protects data with a journaled file system, while Windows uses both journaled and non-journaled file systems. There is less protection of data with the non-journaled file systems.

11. Fragmentation: The UNIX file system doesn’t suffer from file fragmentation, but the Windows file system does, so a single file may be scattered all over the hard disk as fragments.

12. Crossing the OS boundary: Some application software written for UNIX will not run under Windows and vice versa.

13. Placing User Data: UNIX stores all user data in the home directory, making it much easier to migrate from an old computer to a new one. On the other hand, Windows stores data anywhere on the hard disk, making it hard to back up files when switching to a new computer.

14. Hardware Compatibility: UNIX can run on different hardware platforms but Windows can’t.

15. Supported hardware devices: UNIX supports fewer hardware devices than Windows.

16. Ability to run without GUI: UNIX can run without Graphical User Interface so it needs less hardware horsepower than Windows.

17. Price: You can get a copy of genuine UNIX free of cost, whereas you have to buy Windows OS.

The two Operating Systems serve different purposes. The above information helps you to choose the better one that suits your requirements.


Log Monitoring Tools for Unix: Linux, Ubuntu, Red Hat and Solaris Servers

By Jacob Bowman

How to Easily Monitor and Alert on Unix Log Files…STRESS FREE!

Log Monitoring Tools for Linux and Solaris: Do you wish to monitor a UNIX log file on a Linux or Sun Solaris system based on a time-frame (i.e. search for the occurrence of “pattern” in the log file within the last x minutes)? If so, this article will save you hours and days of laborious work.

If you work in a UNIX environment, a time will come when you will wish you had caught a problem on one or more of your servers earlier than you did. When that time comes, you’ll scroll through your system or application logs and you’ll find a number of errors in there that speak to an oncoming/developing problem.

You’ll wonder how you can monitor these logs in the future and alert yourself in the event of a problem. You’ll search the web for solutions and you’ll discover, to your dismay, that nothing out there is simple and straightforward enough to implement in your particular UNIX environment.

Then, you’ll want to write your own script. But alas, it is at this point that your mind will go blank. Because as you start to write your own log monitoring script, you will sadly discover that it really isn’t an easy thing to do. So you’ll begin to wonder in desperation, what do I do?

Well, I’ll tell you what you ought to do: Download or Write Your own ‘Smart Log Script’ and Keep it Simple!

What do I mean by that? Well, if you want to monitor a log file for errors/strings, and you’re concerned with efficiency, whatever script you write or download MUST follow the outline below. Emphasis on MUST!

For example, say you want to monitor the last x amount of minutes or hours of data in a particular log file for certain strings and alert if the strings are found, you MUST model your log monitoring script after the following tool:

Unix Log Tool: /bin/LogRobot (logfile-absolute-path) (time-in-minutes) '(string1)' '(string2)' (-found) (warn) (critical)

Example: ## /bin/LogRobot /var/log/messages 60 'luance' 'Err1310' -found 5 10

So in this example,

/bin/LogRobot is the tool name.

/var/log/messages is the log file.

60 is the amount of previous minutes you want to search the log file for.

“luance” is one of the strings that is on the line of logs that you’re interested in.

“Err1310” is another string on the same line that you expect to find the “luance” string on. Specifying these two strings (luance and Err1310) isolates and processes the lines you want a lot quicker, particularly if you’re dealing with a huge log file.

-found specifies what type of response you’ll get. By specifying -found, you’re saying that if anything is found that matches the specified strings within the 60 minute time frame, it should be regarded as a problem and reported.

5 specifies Warning. By specifying 5, you’re telling the program to alert as WARNING if there are at least 5 occurrences of the search strings you specified, in the log file within the last 60 minutes.

10 specifies Critical. By specifying 10, you’re telling the program to alert as CRITICAL if there are at least 10 occurrences of the search strings you specified, in the log file within the last 60 minutes.

Summarized Explanation:

As you can see, the LogRobot tool is monitoring a log file. The arguments that are passed to this log monitoring tool instruct it to do the following:

Within the last 60 minutes, if the tool finds fewer than 5 occurrences of the specified search strings in the log file, it WILL NOT alert. If the script finds 5 to 9 occurrences of the specified strings in the log, it’ll alert with a WARNING. If the script finds 10 or more occurrences of the strings in the log within the last 60 minutes, it’ll alert with a CRITICAL.
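The time-window and threshold logic described above, as an added Python example; it is not LogRobot's code, only a sketch of the same outline. The function names, the sample log lines and the fixed "current time" are constructed for illustration, and it assumes traditional syslog timestamps, which carry no year.

```python
import re
from datetime import datetime, timedelta

# Traditional syslog prefix, e.g. "Jan  1 00:05:00" (note: no year field).
_PREFIX = re.compile(r"^([A-Z][a-z]{2})\s+(\d{1,2}) (\d{2}):(\d{2}):(\d{2})\b")
_MONTHS = {name: num for num, name in enumerate(
    "Jan Feb Mar Apr May Jun Jul Aug Sep Oct Nov Dec".split(), start=1)}


def parse_syslog_time(line, now):
    """Return the line's timestamp, or None if it has no syslog prefix.

    The year is missing from the log, so try the current year first and
    fall back to the previous one when the result would lie in the future
    (a log that spans New Year).
    """
    m = _PREFIX.match(line)
    if not m or m.group(1) not in _MONTHS:
        return None
    day, hh, mm, ss = (int(g) for g in m.groups()[1:])
    for year in (now.year, now.year - 1):
        try:
            ts = datetime(year, _MONTHS[m.group(1)], day, hh, mm, ss)
        except ValueError:          # impossible date such as "Feb 30"
            continue
        if ts <= now + timedelta(minutes=5):   # tolerate slight clock skew
            return ts
    return None


def scan(lines, minutes, string1, string2, warn, critical, now):
    """Count lines from the last `minutes` that contain both strings."""
    cutoff = now - timedelta(minutes=minutes)
    in_window = False
    hits = []
    for line in lines:
        ts = parse_syslog_time(line, now)
        if ts is not None:
            in_window = ts >= cutoff
        # Lines without a timestamp (continuations) inherit the state of
        # the last timestamped line before them.
        if in_window and string1 in line and string2 in line:
            hits.append(line.rstrip("\n"))
    if len(hits) >= critical:
        status = "CRITICAL"
    elif len(hits) >= warn:
        status = "WARNING"
    else:
        status = "OK"
    return status, len(hits), hits


# Constructed sample data: a log that crosses midnight on New Year's Eve.
SAMPLE_NOW = datetime(2024, 1, 1, 0, 30, 0)
SAMPLE_LOG = """\
Dec 31 23:10:02 web01 app[411]: luance Err1310 connection reset
Dec 31 23:35:10 web01 app[411]: luance Err1310 connection reset
Dec 31 23:41:55 web01 app[411]: luance started worker
Dec 31 23:50:00 web01 app[411]: luance Err1310 connection reset
Dec 31 23:59:59 web01 app[411]: luance Err1310 connection reset
Jan  1 00:05:00 web01 app[411]: luance Err1310 connection reset
Jan  1 00:12:30 web01 kernel: Err1310 unrelated subsystem
Jan  1 00:20:00 web01 app[411]: luance Err1310 connection reset
""".splitlines()

if __name__ == "__main__":
    status, count, _ = scan(SAMPLE_LOG, 60, "luance", "Err1310", 5, 10, SAMPLE_NOW)
    print("%s: %d matching lines in the last 60 minutes" % (status, count))
```

For a real file, pass the open file object as `lines` and `datetime.now()` as `now`; on very large logs, reading only the tail of the file avoids parsing entries that are far outside the window.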

How easy is that? EXTREMELY!

For more information on how this tool works and to DOWNLOAD it for your own use, visit the following page:

http://www.jacobhtbowman.com/unix-monitoring-tools/unix-log-monitor-linux-sunos.htm


A Perfect Guide for MYSQL and Security – Creating the Best Linux Hosting Environment
By Kanquona Bhattacharjee

There are certain things you must be very careful of when you build your website. Performance of the website is a major factor in its success. This guide will give you a technical overview of your server performance. In this guide I am only concentrating on Linux environment as

1. It is cheaper.

2. It supports the fastest script engine PHP.

3. It has the default MySQL database.

4. Its web server is apache, which can be configured with less effort and

5. The Linux environment is most popular.

Before I begin, I must explain what makes a website perform rock solid. As you are aware, in most websites the database is a key factor, since it stores and fetches the data. A portal with slow database execution takes a long time to respond and that can drive away most of the visitors. If your portal accepts payment, then security is the next thing you should be concerned about. So, my article will mainly revolve around these two features and a few other key areas you would want to focus on.

Hardware: This is the factor you must take seriously depending upon the kind of business you are doing and the number of visitors you are drawing. The hardware components which affect the performance are mainly RAM and your CPU speed. RAM is a space which stores data temporarily for CPU access. But if your CPU cannot process faster, then transferring more data into the RAM area will not solve the problem, since the data will remain unprocessed. A better system is a balanced system, and increasing just one parameter will never improve speed.

MySQL: The database is the most important parameter in terms of server performance. If I classify what makes a database slow, or rather what you can do to improve data seek speed, then the primarily responsible factors are:

1. Database design

2. Query standard and

3. Configuration.

Database design: MySQL lets you choose from a wide variety of data types, and you must use them optimally. Declaring the data type of a field as int(11) will unnecessarily eat up space if the field stores values between 0 and 10. Remember, a good bridge is one which has better architecture. Merely using good materials never builds a good bridge. Here are a few guidelines.

A. For numeric values, estimate the maximum value the field might store and then select between TINYINT, SMALLINT, MEDIUMINT and INT. Fields which you know will never store negative numbers should be unsigned.

B. For alphanumeric characters it is wiser to select variable length than fixed length, as variable length adjusts the space used to the size of the data stored.

C. Normalize the tables as much as possible. This decreases the chance of data redundancy. Also, as tables get broken up, memory space usage decreases.

D. Proper indexing is the key to better search results. Index your table wisely and pragmatically. If you think your table will be searched more on employee name than on employee code, create an index based on employee name. MySQL arranges data based on the available indexes, so searching on an indexed column gives faster performance.

Query Standard: The fast data retrieval depends on the query you write. Here are a few tips on that.

A. A join query is always better than multiple nested queries. So try to use join queries if more than one table is involved in the search.

B. Avoid Select * statement.

C. Try to test queries by writing them in alternate ways.

Server configuration is the last thing we can tune to improve performance. Here are the important settings which affect the performance.

A. Key_buffer_size: This is the most important setting. The larger you set its value, the more MyISAM indexes are stored in memory. As most queries use indexes for searching, memory serves better than disk. The ideal setting is 25% of server memory, and less than 50%, for improved performance.

B. The table cache: When MySQL accesses a table, it places it in the cache, so increasing the cache size plays an important role. If you are accessing three tables, MySQL opens three tables in the cache. Its default value is 64, but you must set it according to performance: an optimized value, not too high, not too low.

C. Sort_buffer: If you are sorting huge tables then you must set its value high.

D. Read_rnd_buffer_size: The read_rnd_buffer_size is used after a sort, when rows are read in sorted order. If you run many queries which use an ORDER BY clause, increasing this value will help improve performance.

E. Query cache: First you must turn on the query cache by setting query-cache-type=1; query-cache-size can ideally be around 15-20 MB.

F. Tmp_table_size: This variable sets the maximum size for a temporary table in memory. You should try to avoid temporary tables by optimizing queries. If the table becomes too large, MySQL creates a MyISAM table instead. Raising this value helps speed if temporary tables grow large.

I will not discuss security issues at length here; I will try to discuss them separately. But as an introduction, SQL injection, Cross-Site Scripting and HTTP trace are the most important security threats a website can face. SQL injection is a threat which exposes table names and data when a purposely built query is passed to the database through any web form. Basically, it happens when user input is incorrectly filtered for string literal escape characters. Consider the SQL statement below:

"Select * from employees where emp_name='" + EmployeeName + "'"

Now if the user input EmployeeName has a ' inside it, the quote ends the string literal early, MySQL cannot parse the statement and it exposes an error.
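The concatenated statement quoted above next to its parameterized form, as an added example that is not part of the original article. It assumes Python's built-in sqlite3 module as a stand-in for MySQL so that it runs offline; the table contents and function names are constructed for illustration.

```python
import sqlite3


def make_db():
    """Build a small in-memory employees table (constructed sample data)."""
    db = sqlite3.connect(":memory:")
    db.execute(
        "CREATE TABLE employees (emp_code INTEGER PRIMARY KEY, emp_name TEXT)")
    db.executemany(
        "INSERT INTO employees (emp_name) VALUES (?)",
        [("Alice Smith",), ("Sean O'Brien",), ("Ravi Kumar",)])
    return db


def find_concatenated(db, employee_name):
    """Vulnerable form: user input is pasted into the SQL text itself."""
    sql = ("SELECT emp_code, emp_name FROM employees WHERE emp_name='"
           + employee_name + "'")
    return db.execute(sql).fetchall()


def find_parameterized(db, employee_name):
    """Hardened form: the input travels separately as a bound value, so a
    quote inside it is data and can never end the string literal."""
    sql = "SELECT emp_code, emp_name FROM employees WHERE emp_name = ?"
    return db.execute(sql, (employee_name,)).fetchall()


def concatenated_outcome(db, employee_name):
    """Run the vulnerable form and report a rejected statement instead of
    letting the raw database error reach the caller."""
    try:
        return find_concatenated(db, employee_name)
    except sqlite3.Error:
        return "statement rejected"


if __name__ == "__main__":
    db = make_db()
    for name in ("Ravi Kumar", "Sean O'Brien"):
        print(repr(name))
        print("  concatenated :", concatenated_outcome(db, name))
        print("  parameterized:", find_parameterized(db, name))
```

With MySQL client libraries the same fix applies: pass the value as a bound parameter of a prepared or parameterized statement instead of building the SQL string by hand.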

Similarly, if purposely written JavaScript is passed through user input, a Cross-Site Scripting or XSS attack happens. This client-side script can take charge of the website through a hole exposed by weakly programmed website code. I would like to discuss security issues further. Till then, happy reading!!

Kanquona Bhattacharjee is a freelance writer and blogger. She has completed her post graduation in English from the University of Calcutta. She has some deep insight into social problems and often presents these in front of the strongest medium. Her personal blog is http://journeytolearning.blogspot.com/ She can be contacted at kanquona@gmail.com


Linux Web Hosting


By Jeremiah Collins

Today our lives are intermingled with the Internet. We turn to the Internet for pleasure, work, information, banking and what not. We watch web-sites and web-pages with no second thought. It is very similar to reading a printed matter; without any concern for who printed it; or how it was printed; or how it was bound and published; how many copies were printed, etc. For a web-page, we care nothing about how it reached our computer screen; how it was made; or for that matter, who made it. Same as for the printed matter, we are more interested in the contents. However, the people involved with the publication of the web-pages and those who have to maintain the web-sites, must have an in-depth knowledge about Web Hosting.

The main ingredients necessary for web-hosting are, a rugged computer with memory and hard disk, running a server OS, a web-server package, a database package and a package to handle web-pages. The LAMP-server setup matches this requirement very well. LAMP stands for the combination of Linux, Apache, MySQL and PHP. Here Linux is the Operating System; Apache the web-server; MySQL is the database; PHP handles the web-pages. This combination is attractive for the simple reason that it fulfills all the requirements that a web-host requires, at the same time providing the necessary Stability, Security and Scalability.

Linux stability is well documented. The up-time of a Linux server is nearly 99.9%, meaning there is only 1 chance in 10,000 that a Linux server will stall on account of OS failure. Most outages of a Linux server are the result of a disrupted Internet connection or a hardware failure. However, there are some more links in the chain between the Linux server and the ultimate viewer of the web-page, which govern the availability of the web-page. DNS servers are one such link.

Next in line is security. A web-host needs protection from viruses, trojans, rootkits and the like, which threaten to disrupt the whole show. Any breach in security could lead to deliberate misinformation being sent out, ruining the credibility of the organization whose web-page gets affected. As a system, security measures are taken to periodically look for breaches and plug them. One feature which helps system administrators in securing their web-hosts is that all the software used in LAMP is open-source. Open-source software enjoys the backing of a large community of developers, who pitch in en masse at the slightest hint of any problem. Security issues, or holes as they are known, get plugged in no time at all, further improving the system.

Scalability is another feature LAMP-servers can boast of. One of the major advantages is you can start small and progressively add accounts as you build-up your business. Since LAMP-server components are all Open-Source, you need not worry about copyright infringement. Also, initial expenditure is only a little more than the hardware cost. LAMP-server can either be dedicated or shared, or even virtual, allowing you to add users at will, at the same time, providing each user the full use of all resources. Linux being a multitasking OS, handles such simultaneous tasks with simple ease. Linux is also capable of parallel computing, which helps in further scalability.


Strengthen Your Linux Web-Server Against Any Data And Security Breaches

By Tarun Gupta

Your Linux server is the backbone of any hosting service or solution you offer to your clients. The complexity and credibility of the servers make them very prone to visible and virtual security threats against data and information. Web hosting service providers now view server security as a very comprehensive process. Interestingly, securing web servers is more tedious than breaching them. The key motive behind Linux server security is to create a protective wall against the wide variety of threats prevalent in server operation. Among several security measures, some of the key aspects of server security to implement are illustrated below.

SSH Level Security:

The OpenSSH package is installed on many Linux servers by default. This default installation primarily offers the best server functionality and shows less concern for security lapses. SSH allows many utilities that could be the primary reasons for security holes. Allowing root logins and listening on port 22 may be the topmost causes of a security breach. Experts at a web hosting company usually perform several activities to strengthen this area:

  • Avoid offering open access for root logins
  • Accept only secure SSH connections
  • Change the default port 22
  • Enforce strict user authentication
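One way to check an sshd_config against the four points above, as an added Python example that is not from the original article. It assumes the list maps to the OpenSSH keywords PermitRootLogin, Protocol, Port, PasswordAuthentication and AllowUsers/AllowGroups; both sample configurations, including port 2222 and the user names, are constructed.

```python
def effective_settings(config_text):
    """Return (settings, ports) for the global section of an sshd_config.

    Keywords are case-insensitive and, for most of them, sshd uses the
    first value it reads, so later duplicates are ignored here. Port may
    be given several times and every value counts. Parsing stops at the
    first Match block, which only applies to selected connections.
    """
    settings, ports = {}, []
    for raw in config_text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        # Tolerate "Keyword=value" as well as "Keyword value".
        parts = line.replace("=", " ", 1).split(None, 1)
        if not parts:
            continue
        keyword = parts[0].lower()
        if keyword == "match":
            break
        value = parts[1].strip() if len(parts) > 1 else ""
        if keyword == "port":
            if value.isdigit():
                ports.append(int(value))
        else:
            settings.setdefault(keyword, value)
    return settings, ports


def audit(config_text):
    """Return (keyword, message) findings for the four points in the list."""
    s, ports = effective_settings(config_text)
    findings = []
    if s.get("permitrootlogin", "").lower() != "no":
        findings.append(("permitrootlogin",
                         "root login is not explicitly disabled"))
    if "1" in [v.strip() for v in s.get("protocol", "2").split(",")]:
        findings.append(("protocol", "legacy SSH protocol 1 is enabled"))
    if not ports or 22 in ports:
        findings.append(("port", "sshd listens on the default port 22"))
    if s.get("passwordauthentication", "yes").lower() != "no":
        findings.append(("passwordauthentication",
                         "password logins are accepted"))
    if "allowusers" not in s and "allowgroups" not in s:
        findings.append(("allowusers",
                         "no AllowUsers/AllowGroups restriction"))
    return findings


# Constructed sample: the weak settings named in the article.
WEAK_CONFIG = """
Port 22
Protocol 2,1
PermitRootLogin yes
# A later duplicate does not override the first value.
PermitRootLogin no
PasswordAuthentication yes
"""

# Constructed sample: the same file after hardening.
HARDENED_CONFIG = """
Port 2222
Protocol 2
PermitRootLogin no
PasswordAuthentication no
PubkeyAuthentication yes
AllowUsers deploy admin
"""

if __name__ == "__main__":
    for label, text in (("weak", WEAK_CONFIG), ("hardened", HARDENED_CONFIG)):
        print(label)
        for keyword, message in audit(text) or [("-", "no findings")]:
            print("  %-24s %s" % (keyword, message))
```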

Strengthen the file level security:

Being an extension of the Unix file system, Linux is prone to Denial of Service attacks and many rootkit vulnerabilities. Web hosting experts indicate that rootkits are particularly dangerous because they can intrude into the entire internal file system after initial access. In order to remove or prevent the deployment of rootkits, web host experts use tools like chkrootkit in combination with an Intrusion Detection System. Chkrootkit searches for rootkits and the IDS checks for any violation of the security measures at any level.

Network Security measures:

When it comes to the vital aspects of server security, nothing is more prominent than network security for Linux servers. The primary responsibility of web hosting solution providers is to ensure stringent network security by managing the port interconnection process.

Web hosting service providers use numerous tools to determine the security threats to a Linux server. These tools include the netstat and nmap network mappers. Both of these tools are meant to determine the ports and services available on the functional servers and are also very easy to access. They are further used to display exhaustive information regarding several prominent network activities.


Guidelines to Ensure Linux Server Security

By Sunil Punjabi

There are some security measures that are essential to implement in order to avoid server security problems that can easily occur in anyone’s system.

Difficult Passwords

Choosing easy passwords such as "friend" or "brother" makes your system less secure, and your system can be easily hacked. It’s preferable to choose passwords containing letters, numbers and some additional symbols. For example, use a password like "fr!3nd_65" to ensure server security and protection. Complicated passwords should be used because there are many ways anyone can get your encrypted password. As far as a Linux system with a web server is concerned, the first thing that comes to mind is all those various CGI scripts that can let someone obtain a password file from the system that has been attacked. Always keep in mind that a simple password is easy to crack whereas a difficult password is harder to crack. Therefore, for security, make a good password using symbols, letters and numbers.

Password Length

In addition to being difficult, the password should be eight characters long. The minimum length required by your Linux system is five, but for server security you should make it eight. To do this, edit the login.defs file (the configuration file for the login program) and change the line PASS_MIN_LEN 5 to PASS_MIN_LEN 8.

File transfer

Transferring files to and from the system can also lessen your server security. Therefore, it’s important that you shut down the FTPd while transferring files to your system. A more secure way to keep your system protected is SCP, which uses SSH to transfer data and uses the same authentication, providing the same security.

BIOS Security

To further ensure server security, set a password using BIOS security. This blocks people who try to boot your system from a special disk, protecting you from individuals who try to boot the server without a password prompt.

Disable your special or unwanted accounts

Unwanted accounts and default users can also weaken your server security. Deleting all such accounts, such as sync, news, operator, gopher, games and others, will help you maintain your system security.

Enable your shadow password option/feature

Server security also requires enabling the shadow password feature. To do this, run the “/usr/sbin/authconfig” utility on your system. If you wish to convert your current passwords to shadow passwords, run the “pwconv” and “grpconv” commands.

Make sure you disable console-equivalent access programs

Another way to ensure server security is to prevent individuals who use your server daily from using console-equivalent access programs such as reboot, halt and shutdown.

Disable unused services

Disable all the services that you do not use. This will not only ensure security but will also leave you less worried about your system.

The above are a few guidelines on Linux server security. If these instructions are followed properly, your system will remain protected forever.
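The password-length, default-account and shadow-password guidelines above can be checked mechanically. The script below is an added example, not part of the original article; the function names and the sample files are constructed for illustration.

```shell
#!/bin/sh
# Added example: audit three of the guidelines above against config files.
# Functions take the file to inspect, so they work on /etc copies or samples.

# Print the effective PASS_MIN_LEN (last uncommented setting); empty if unset.
pass_min_len() {
    awk '$1 == "PASS_MIN_LEN" { v = $2 } END { if (v != "") print v }' "$1"
}

# Succeed only if PASS_MIN_LEN is a number and at least 8.
check_pass_min_len() {
    len=$(pass_min_len "$1")
    case "$len" in ''|*[!0-9]*) return 1 ;; esac
    [ "$len" -ge 8 ]
}

# Default accounts named in the article that still exist in a passwd file.
DEFAULT_ACCOUNTS="sync news operator gopher games"
leftover_accounts() {
    awk -F: -v names="$DEFAULT_ACCOUNTS" '
        BEGIN { n = split(names, a, " "); for (i = 1; i <= n; i++) want[a[i]] = 1 }
        ($1 in want) { print $1 }' "$1" | sort | tr '\n' ' ' | sed 's/ $//'
}

# Accounts whose passwd password field is not "x", i.e. not yet converted
# to the shadow file by pwconv.
unshadowed_accounts() {
    awk -F: 'NF >= 7 && $2 != "x" { print $1 }' "$1" | sort | tr '\n' ' ' | sed 's/ $//'
}

# Constructed sample files (not from a real host), written into directory $1.
write_samples() {
    printf '%s\n' '# PASS_MIN_LEN 12' 'PASS_MAX_DAYS 99999' 'PASS_MIN_LEN 5' \
        > "$1/login.defs"
    printf '%s\n' 'root:x:0:0:root:/root:/bin/bash' \
        'games:x:5:60:games:/usr/games:/usr/sbin/nologin' \
        'news:x:9:9:news:/var/spool/news:/usr/sbin/nologin' \
        'alice:$1$constructed$hash:1000:1000::/home/alice:/bin/bash' > "$1/passwd"
}

tmp=$(mktemp -d) && write_samples "$tmp"
check_pass_min_len "$tmp/login.defs" ||
    echo "PASS_MIN_LEN is $(pass_min_len "$tmp/login.defs"), want 8 or more"
echo "default accounts present: $(leftover_accounts "$tmp/passwd")"
echo "not shadowed: $(unshadowed_accounts "$tmp/passwd")"
rm -rf "$tmp"
```

On distributions that use PAM, password length is enforced by the PAM password module rather than by PASS_MIN_LEN, so audit that configuration as well.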


Ubuntu and Debian Security Applications Review

By Bob Parkinsons

Securing servers from potential attacks is of utmost importance in today’s economic climate. This article is a personal review of some of the best applications I have reviewed recently to secure my own server as well as others. It covers applications which may or may not fit every situation for properly securing Internet-facing systems. But it uses entirely open source and free host-based software, so they will run without the need for expensive external hardware.

When reviewing existing security policies, a few factors need to be accounted for first: performance, stability and overall use of system resources. Use these to determine the necessity of each application for your own requirements, instead of just pushing all of the suggestions onto a single server, as some of the applications reviewed are not always entirely interchangeable with the others mentioned.

That being said, we’ll start with Apache, the world’s most popular web server.

Mod Security

Without doubt one of my personal favorite Apache modules is Mod Security, although it does require registration to download and is not entirely free without restriction. Mod Security is an invaluable web application firewall that deters lots of the scum and random bots floating around the Internet today. According to the Mod Security website, over 70% of all attacks carried out on the web today are done at the web application level, which is highly relevant since a single compromised web site can often leak thousands if not hundreds of thousands of passwords and user credentials in just a single compromise.

Pros

Mod Security has a very strict rule-set that is capable of blocking many types of web application attacks, most of which can be found in the guidelines set out by the OWASP Top 10.

Cons

The default rules can break the functionality of web applications at first. This can be fixed by finding the offending rules in the log files and commenting those rules out. Commonly, users are unable to log in, or some other functionality such as a custom search breaks.

Snort

The next very interesting application is Snort, commonly known as the de facto standard in intrusion detection. Snort’s job is to monitor networks while being as lightweight as humanly possible, so as not to consume too many system resources and slow down the users of the systems it may be running on. What really makes Snort unique, however, is its heritage as a very stable and robust IDS, with both open source rule-sets and more advanced commercial rule-sets available via subscription.

Pros

Lightweight and flexible, trusted and stable.

Cons

The free rules available leave a lot to be desired when compared to the subscription rules.

AIDE

AIDE, the file integrity checker, can be used to create hashes of files or directories and is a generic replacement for the older Linux application Tripwire. If an application has been modified without consent, a simple cross-reference via an image disk, using SHA1 hashes or other algorithms, can quickly reveal which files may have changed in the process. It is therefore very useful for analyzing the exact cause of a vulnerability in the event of a possible intrusion, and in many respects can be considered a root-kit detector without all the fancy bells and whistles of our next application.

Pros

Supports custom algorithms and makes up for where Tripwire and others once failed.

Cons

Lack of documentation to properly implement and utilize it; for less experienced users it can be a concept you may give up on quickly. (I don’t blame you but it’s worth it.)
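The baseline-and-compare idea behind a file integrity checker, as an added sketch that is not AIDE's own code or configuration: it uses sha256sum in place of the SHA1 hashes mentioned above, and the function names and directory tree are constructed for illustration.

```shell
#!/bin/sh
# Added example: hash baseline and comparison in the style of a file
# integrity checker. sha256sum prints 64 hex digits, two spaces, then the path.

# Print "hash  ./path" for every regular file under DIR.
make_baseline() {  # usage: make_baseline DIR > BASELINE
    (cd "$1" && find . -type f -exec sha256sum {} + | sort -k 2)
}

# Compare DIR with a stored baseline; print added, changed and removed files.
compare_baseline() {  # usage: compare_baseline DIR BASELINE
    make_baseline "$1" | awk -v db="$2" '
        BEGIN { while ((getline line < db) > 0) old[substr(line, 67)] = substr(line, 1, 64) }
        { path = substr($0, 67); seen[path] = 1
          if (!(path in old)) print "added " path
          else if (old[path] != substr($0, 1, 64)) print "changed " path }
        END { for (p in old) if (!(p in seen)) print "removed " p }' | sort
}

# Demonstration on a constructed directory tree.
demo() {
    d=$(mktemp -d); db=$(mktemp)
    mkdir "$d/bin"; echo v1 > "$d/bin/tool"; echo old > "$d/old.txt"
    make_baseline "$d" > "$db"          # in practice, keep this off the host
    echo v2 > "$d/bin/tool"; rm "$d/old.txt"; echo x > "$d/new file"
    compare_baseline "$d" "$db"
    rm -rf "$d" "$db"
}
demo
```

A baseline stored on the monitored host can be rewritten along with the files it describes, which is why the comparison is normally made against a copy kept on read-only or offline media.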

RKHUNTER

Another good root-kit detector is RKHUNTER. It works very much the same as AIDE but is more specifically a root-kit detector, in that it scans all the usual locations where it would make sense for root-kits to hide on a Linux system or where they have historically been stored.

Pros

Very in depth and has support for a wide range of common root-kits.

Cons

By default on Debian and Ubuntu it flags a false positive for gawk, awk and a few other directories, but I believe this to only be a false positive.

FAIL2BAN

Fail2Ban helps block out automated and often brute-force queries by bots or potential attackers over SSH that make too many incorrect log-in attempts.

Pros

By automatically banning bots, you not only protect your system from compromise but also help keep the performance of the server at more optimal levels.

Cons

I’ve locked myself out temporarily before by not setting the threshold high enough and forgetting what password I used. As long as you don’t do that you should be fine.
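The counting rule that drives this kind of ban, with an exemption list to avoid the lockout described above, as an added example that is not Fail2Ban's own code. The parameter names mirror Fail2Ban's maxretry, findtime and ignoreip settings; the log lines are constructed.

```shell
#!/bin/sh
# Added example: the counting rule behind an SSH brute-force ban.
# Reads sshd log lines on stdin and prints each source IP that reaches MAXRETRY
# failed passwords within FINDTIME seconds; IPs listed in IGNORE are never
# reported. Assumes the log stays within one month (syslog lines carry no year).
banned_ips() {  # usage: banned_ips MAXRETRY FINDTIME "IGNORE_IP ..." < logfile
    awk -v maxretry="$1" -v findtime="$2" -v ignore="$3" '
        BEGIN { n = split(ignore, a, " "); for (i = 1; i <= n; i++) skip[a[i]] = 1 }
        /sshd\[[0-9]+\]: Failed password for / && $(NF - 4) == "from" {
            # The user name is text chosen by the remote side, so read the
            # address from its fixed position at the end of the line.
            ip = $(NF - 3)
            if ((ip in skip) || (ip in banned)) next
            split($3, t, ":")
            now = $2 * 86400 + t[1] * 3600 + t[2] * 60 + t[3]
            if (!(ip in head)) head[ip] = 1
            times[ip, ++tail[ip]] = now
            # Forget failures that have fallen out of the findtime window.
            while (now - times[ip, head[ip]] > findtime) {
                delete times[ip, head[ip]]; head[ip]++
            }
            if (tail[ip] - head[ip] + 1 >= maxretry) { banned[ip] = 1; print ip }
        }'
}

# Constructed log lines using documentation-range addresses.
sample_auth_log() {
    cat <<'EOF'
Jan 10 03:12:01 web1 sshd[811]: Failed password for root from 203.0.113.7 port 4242 ssh2
Jan 10 03:12:05 web1 sshd[811]: Failed password for root from 203.0.113.7 port 4242 ssh2
Jan 10 03:12:09 web1 sshd[812]: Failed password for invalid user a from b from 203.0.113.7 port 4250 ssh2
Jan 10 03:13:00 web1 sshd[820]: Failed password for bob from 198.51.100.20 port 5000 ssh2
Jan 10 03:40:00 web1 sshd[830]: Failed password for bob from 198.51.100.20 port 5001 ssh2
Jan 10 04:20:00 web1 sshd[840]: Failed password for bob from 198.51.100.20 port 5002 ssh2
Jan 10 04:21:00 web1 sshd[850]: Accepted password for bob from 198.51.100.20 port 5003 ssh2
Jan 10 05:00:01 web1 sshd[860]: Failed password for alice from 192.0.2.10 port 6000 ssh2
Jan 10 05:00:04 web1 sshd[860]: Failed password for alice from 192.0.2.10 port 6000 ssh2
Jan 10 05:00:07 web1 sshd[860]: Failed password for alice from 192.0.2.10 port 6000 ssh2
EOF
}

sample_auth_log | banned_ips 3 600 ""            # bans 203.0.113.7 and 192.0.2.10
sample_auth_log | banned_ips 3 600 "192.0.2.10"  # admin address is exempt
```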

Choose the right Web host

While this is not an application, I believe that just as important, and a major factor in keeping your web server secure, is choosing the right web host and environment for your needs. While there are many cows, daddy’s, gators and other sharks trying to add 1 & 1 together in the $5-or-less discount hosting war, take some time to reconsider what you are paying for and, if you can afford it, pay that little bit extra to get the benefits of a well-known secure hosting provider whenever you can.


Kismet Drones

This Kismet tutorial provides a basic framework for using Kismet drones.
Kismet is an 802.11 wireless network detector, sniffer, and intrusion
detection system. Kismet will work with any wireless card which
supports raw monitoring mode, and can sniff 802.11b, 802.11a, 802.11g,
and 802.11n traffic (devices and drivers permitting).

Kismet also sports a plugin architecture allowing for additional
non-802.11 protocols to be decoded.

Kismet identifies networks by passively collecting packets and detecting
networks, which allows it to detect (and given time, expose the names
of) hidden networks and the presence of non-beaconing networks via data
traffic.

Kismet Drones are designed to turn Kismet into a distributed IDS system.
Drones support all of the capture methods Kismet normally supports,
including multiple capture devices per drone. Drones capture wireless
data and forward to a Kismet server over a secondary connection (i.e.,
wired Ethernet). Drones do not do any decoding of packets and have
minimal hardware requirements.

A Kismet server connects to the drones and will provide a single Kismet
UI display, packet dump, and alert generation point. Capture sources on
remote Kismet drones are forwarded to the Kismet server and appear as
independent capture devices which can be configured for channel hopping,
locking, etc.

Using the tun/tap export function, the central Kismet server can export
the packets from all attached drones to a virtual network interface for
use with external IDS/packet capture systems (such as Snort).

To start using Drones, launch the kismet_drone process on a remote
system (editing the kismet_drone.conf file to control what hosts are
allowed to connect) or turn on drone capabilities in the Kismet server
(by enabling the drone config options in kismet_server.conf). When
running a kismet_server instance as a drone, local logging will act as
usual and Kismet clients can be connected to the server as normal. When
running kismet_drone, Kismet clients cannot connect directly to it, and
it will not log; a Kismet server instance must be started to provide
packet decoding, logging, and Kismet UI connectivity.


What is So Fascinating About a Wireless Security Camera System?

By Singgih Tri Widodo

The simplicity and beauty of a wireless security camera system lie in its installation and use. With this camera you can send pictures or videos directly to a receiver that is connected by cord to your computer or television. This is a wise way to watch your goods or someone you think is suspect.

You do not need to buy very high-priced equipment for this and then get someone else to set it up. That is not necessary. What you need is some good cameras and stable, handy computer software, which will make you calmer and more comfortable.

Wireless camera – Take a picture

You have the freedom to choose the types of cameras you want for building your own surveillance system. You can have 4 to 30 cameras, as you wish. If you want to do off-site supervision, you need to put the cameras in certain places, for example the yard, swimming pool, main entrance, backyard, etc.

A good outdoor camera should be weather resistant, and must also have night vision. While which indoor surveillance cameras, was far too difficult for a computer or using a simple camera eye to eye. This camera is easily disguised so as not to be seen and caught.

Tips for buying a camera

I suggest that before you make a purchase, you check the camera’s signal coverage to ensure you can receive a clear picture. It may need a powerful transmitter.

To create a data input, choose the camera to perform voice or movement, and he will activated own end at the appointed hour through the scheme

Recipients / Receiver

A wireless camera basically sends videos and pictures through walls and can achieve distances of 300 feet to 10 miles. Besides your camera, you will only need a DVR receiver, which is used to retrieve the signal transferred by the camera. The receiver is the most important part of your camera system; without it you cannot do anything and cannot receive the video images you capture.

This hardware is easy to use once you plug it into the computer or television or wherever you want to view the footage. Usually the camera comes equipped with its own DVR card, which can broadcast directly to the Internet. But you can also buy the device separately at your nearest store.

Memory

You should keep the data on your camera safe. You must put the camera in a different place, which surely will make the full leap camera memory. You must buy separate storage, such as a hard drive of about 1 TB, or rent an online server to store your video data. And of course you should monitor your data regularly.

Software

You must have software to monitor the cameras. You may be using Mac, Windows, Linux, or something else. The software helps you monitor, transfer, and store your data. You can view it on a laptop, a phone, or even a simple desktop.


Singgih Tri Widodo comes from Kalimantan Timur, Indonesia, and has written several articles on motorcycles and cameras. You may want to check out his other guides: Motorcycle Link tips and Camera Link guide!
