Focus on Software
By now, everyone knows what happened with the Microsoft challenge to the cracker community to break a Win2K box with IIS. The part I found the most hilarious was Microsoft's attempt to force these script kiddies to abide by some rules while they performed beta security testing. I guess Microsoft won't make that mistake again (at least not until Windows 2010). Do we need to take a look at some security software, and a program or two to help with the logs? From watching the LinuxPPC challenge, Linux looked like a state-of-the-art Fort Knox compared to Microsoft. Lest we get too cocky, remember that most distributions aren't this secure out of the box. LinuxPPC had most services turned off.
Send Packet will allow root to send TCP, UDP or ICMP packets on the network with any number of items set: source address, destination address, window size, TTL, ICMP code, etc. Wonder how your firewall will react to certain packets? Turn on logging and send a packet, then check the results. This should not be used by anyone except root for obvious reasons. It requires glibc.
Does anyone out there remember Slashdot without the banners? Would you like to go back? The adzapper is a small, configurable “proxy” that runs on your local machine (or any machine) to cover up those gaudy ads. Take back control of your content. I have been using this for a few days and will most likely keep running it. Sufficient “zaplets” (small files that define URLs to filter out) exist to clean up most sites, and you can always add your own. It requires Python.
(Warning: this paragraph is not Y2K compliant; saving it on your computer system could result in your cows going dry and not giving milk—you have been warned.) Here is a simple little reminder program. Just create your ~/.birthday file as instructed by the documentation, put the birthday command in your startup file and get a message reminding you about upcoming birthdays. I suppose as long as your birthdays are Y2K compliant, the output will be, too. (Just don't complain to me if it doesn't remind you of anything on 31 Feb 00.) The only glitch I noticed was it didn't return the xterm back to its original foreground color, but left it white instead. It is difficult to read the text on a white xterm background. It requires glibc.
BASS (no home page) is a scanner to run from your local system. It has various features, including a “coward” mode. When invoked in this coward mode, it tries to hide by going to sleep when someone logs in. A normal process listing (ps aux) shows a blank in the “Command” column. However, a ps auxc or use of gps (see below) shows up the command just fine. Only root can perform certain functions, but it is unclear to me what any user other than root would be doing running this program. It requires glibc.
colortail allows you to view files with colors for designated text. The program comes with several configuration files for looking at log files, the very thing I had in mind when I downloaded it. It makes scanning log files much easier. The provided config files look much better on the black console background than on a white xterm background, but that problem can be easily fixed if necessary. It requires libstdc++, libm and glibc.
For those who use dhcpcd often, this client is great. dhcpxd has more features than dhcpcd, including support for aliasing. Several of my clients run dhcpcd, so I can just plug in my laptop, get an IP address for eth0:1, and get to work. You do need aliasing support compiled into the kernel, but that is small potatoes. It requires libstdc++, libm and glibc.
The gps package does what many ps packages do—shows you a list of processes. What makes this program a standout is that the author logically (in my opinion) arranged the output in an order more aligned to how people would use the columns: PID, command, owner, state, CPU%, Size, RSS, Nice, Priority and date/time of Start. For me, this beats the standard layout where the two things I need most (PID and command) are on opposite sides of the table. Buttons for SIGHUP and SIGKILL (but not SIGTERM) are included. It lacks a way to specify columns and their display order. I look forward to grabbing a newer copy of this software soon. It requires libgtk, libgdk, libgmodule, libglib, libdl, libXext, libX11, libstdc++, libm and glibc.
qutar is a Qt interface to run tar and gzip, bzip2 or zip. It has a nice uncluttered feel. It is still early in development, but shows signs of being a well-thought-out program. About the only minor annoyance is when you do create or unpack a file, the directory windows don't update (yet). It requires libqt (v2.0), libstdc++, libm, glibc, libXext and libX11.
Many years ago, I can remember creating .bat files for DOS systems so that techno-neanderthals could just type in a number and the program they wanted to run would start. Well, guess what? If you have a Linux system with too little RAM to efficiently run X, you can have exactly the same thing with this nice program. Talk about bringing back memories! These menus can be edited from the menu—very nice. Now, what did I do with that old 486-25 with 8MB RAM? It requires bash or pdksh.
Getting Started with DevOps - Including New Data on IT Performance from Puppet Labs 2015 State of DevOps Report
August 27, 2015
12:00 PM CDT
DevOps represents a profound change from the way most IT departments have traditionally worked: from siloed teams and high-anxiety releases to everyone collaborating on uneventful and more frequent releases of higher-quality code. It doesn't matter how large or small an organization is, or even whether it's historically slow moving or risk averse — there are ways to adopt DevOps sanely, and get measurable results in just weeks.
Free to Linux Journal readers.Register Now!
|Secure Server Deployments in Hostile Territory, Part II||Jul 29, 2015|
|Hacking a Safe with Bash||Jul 28, 2015|
|KDE Reveals Plasma Mobile||Jul 28, 2015|
|Huge Package Overhaul for Debian and Ubuntu||Jul 23, 2015|
|diff -u: What's New in Kernel Development||Jul 22, 2015|
|Shashlik - a Tasty New Android Simulator||Jul 21, 2015|
- Secure Server Deployments in Hostile Territory, Part II
- Hacking a Safe with Bash
- KDE Reveals Plasma Mobile
- Huge Package Overhaul for Debian and Ubuntu
- Home Automation with Raspberry Pi
- The Controversy Behind Canonical's Intellectual Property Policy
- Shashlik - a Tasty New Android Simulator
- Embed Linux in Monitoring and Control Systems
- diff -u: What's New in Kernel Development
- General Relativity in Python