Focus on Software
Consulting in the Linux arena today is a challenge. I've worked on a number of different UNIX systems: Solaris, SunOS, Ultrix, OpenServer, AIX, HP-UX and, of course, Linux. What's the difference between all the flavors of UNIX I just mentioned and Linux? Well, the biggest difference is probably that given any flavor of UNIX, all installations are basically the same. The installation, system administration, etc., is uniform. With Linux each distribution has its installation routines, system administration scripts and ways of handling things. Fortunately, they're all Linux, so apart from a version number, they're pretty much all the same. DNS is the same; DHCP is the same; Apache is the same, and, of course, the kernel itself is the same. If you are or want to be a Linux consultant, I highly suggest you learn Linux from the bottom up (i.e., the CLI, command-line interface) rather than from the top down (X server and the admin tools peculiar to a given distro). Learn to read shell scripts and follow their workings. Find, install and use distribution-neutral tools where possible, like webmin (which can be secured via SSL). After all, if you can read /etc/named.conf, DNS is easy to tackle. Ditto for just about every other service on the system. I don't install webmin just for me, I install it for my clients. In fact, I don't actually use it. I think you'll have fewer headaches with this approach, and then your clients can use whichever distribution strikes their fancy (or is most appropriate) rather than reinstalling all the Linux systems because you're unfamiliar with the one being used. Anyway, it works for me.
MonMotha IPTables Firewall script: t245.dyndns.org/~monmotha/firewall/index.php
I don't usually recommend firewall tools or firewall scripts. In fact, I'm not really recommending this one per se. But by the time you read this, several distros should be out with the new 2.4 kernel and netfilter. This particular firewall script can help you if you're having problems getting started with iptables. It makes a good baseline and is a good compromise. The author takes advantage of the stateful capability of netfilter, but I'd add to it. Again, while a good start, you really should look it over and incorporate any necessary changes for your particular situation. Requires: iptables, sh.
A universal (or pretty close) command-line mail program that will read your mail from a POP3 or IMAP server. This is really good. I often find myself on the end of a slow dial-up with some large mail messages. With this program I can quickly look at subjects or go through each e-mail one by one deleting, replying or leaving until later. Requires: Perl.
Apache Toolbox: http://www.apachetoolbox.com/
Do you need to get a working Apache with several mods up and running quickly and correctly? Never compiled Apache before? If you answered yes to both questions, you have a recipe for failure. But relax! The Apache Toolbox will help you. It even knows (and will warn you about) the mod_perl/php4 clash that causes segfaults. I've compiled and installed custom Apache installations a number of times, but it doesn't get any easier than this. While not infallible, it does a better job than all but the most experienced Apache builder. It won't, however, allow you to install both php3 and php4—you'll have to add one of them later if you want both. Requires: sh, wget.
Do you have a lot of pictures (jpeg) you'd like to put up on a web site quickly? I had a whole directory full of grabs from my CamCorder. I just slipped this Perl program into the directory, quickly worked up a descriptions file, ran the program and voilà: four html pages of thumbnails. The image size doesn't matter: the program will stretch, shrink or otherwise make the image fit into the box. If you make any changes (add, subtract or just move pictures around), just running the program again will recreate the pages. Requires: ImageMagick, Perl, Perl modules: Image::Size.
Need to find out who's connecting where, when and how on your system? This program will provide you with a log of connections, disconnections, users, local IP:port pairs, remote IP:port pairs and even programs. Or maybe you don't want to know. It sure is interesting finding out who's running nmap against which targets, when from your system. Because it uses syslog, that information can be sent to your central-logging server. By default, tcpspy uses the log facility LOCAL1, but you can change that in the Makefile to just about facility. Requires: glibc.
BlackNova Traders: http://blacknova.net/
Here's a space strategy game for web play. The object: trade and claim planets ultimately to win by owning more “stuff”. And if you are killed, you lose. It's a great game for those who enjoy text-based games. No fancy graphics, just trading, occupying and protecting planets and trying not to be killed by anyone else. Requires: Apache with PHP3 with MySQL support, MySQL, web browser, cron.
This Perl script will allow you to back up whatever directories you want and permit you to exclude files and directories beneath the directory to be backed up. This backup creates a local file. If you want to store the backup elsewhere, you can FTP it to a central storage server. With several systems using a central storage server (the only system I have a tape drive installed on), I find this utility very handy. Requires: Perl, standard UNIX tools (tar, touch, rm, others).
Bug Tracker: www.agstools.com/products/bt.html
If you need to track various projects as well as bugs, workarounds and enhancements on those projects, this might be what you need. This application is easily installed and can be accessed from anywhere via a web browser. Users (developers) log in with their e-mail addresses and a password to access the bug database. Works well from a variety of browsers (as long as they have support for cookies for logins). Requires: Database (PostgreSQL, MySQL), Perl, Perl modules CGI, DBI, DBD::, web browser.
Until next month.
Fast/Flexible Linux OS Recovery
On Demand Now
In this live one-hour webinar, learn how to enhance your existing backup strategies for complete disaster recovery preparedness using Storix System Backup Administrator (SBAdmin), a highly flexible full-system recovery solution for UNIX and Linux systems.
Join Linux Journal's Shawn Powers and David Huffman, President/CEO, Storix, Inc.
Free to Linux Journal readers.Register Now!
- Server Hardening
- BitTorrent Inc.'s Sync
- Download "Linux Management with Red Hat Satellite: Measuring Business Impact and ROI"
- New Container Image Standard Promises More Portable Apps
- The Humble Hacker?
- The Death of RoboVM
- Open-Source Project Secretly Funded by CIA
- The US Government and Open-Source Software
- EnterpriseDB's EDB Postgres Advanced Server and EDB Postgres Enterprise Manager
- ACI Worldwide's UP Retail Payments
In modern computer systems, privacy and security are mandatory. However, connections from the outside over public networks automatically imply risks. One easily available solution to avoid eavesdroppers’ attempts is SSH. But, its wide adoption during the past 21 years has made it a target for attackers, so hardening your system properly is a must.
Additionally, in highly regulated markets, you must comply with specific operational requirements, proving that you conform to standards and even that you have included new mandatory authentication methods, such as two-factor authentication. In this ebook, I discuss SSH and how to configure and manage it to guarantee that your network is safe, your data is secure and that you comply with relevant regulations.Get the Guide