Focus on Software
Internets, Intranets, LANs, WANs and more. Frankly, I don't care how a system is connected, be it Ethernet, Token Ring, FDDI, Frame Relay, dial-up PPP, wireless, ham radio, satellite or two cans and a string. If it's connected to something else, even intermittently, it's vulnerable. Recently, Red Hat demonstrated to the world that installing unsecure, vulnerable and, even worse, unnecessary services is a highly security-challenged proposition to the Nth. I don't want to pick on Red Hat; most distributions do similar security-challenged things. But they shouldn't. For my money, no service should be turned on by default, whether the customer asked for a full install or not.

Even worse, few distros explain logs and all they offer in their little getting started book. The syslog files (/etc/syslog.conf and the logs themselves) are not “black arts” stuff. They're just boring. Or so we hope. If you have an intruder, or attempted intrusions, these logs can be rather interesting. I've found myself on the edge of my chair as I read through the logs, watching an intrusion and wondering if this wannabe cracker or script kiddie is going to make it in. Okay, so I'm eccentric. But I'm hoping a few offerings centered on system logs might spark a little interest in a bunch of dull log files.
The logtool utility is another of those small things that sometimes go a long way. All logtool does is colorize log entries. It makes the date-time stamp one color, the originating system another, the facility a third color and the message itself a fourth color. This really breaks out a log entry when you have a large number of them on the screen at one time, making entries easier to read. Requires: glibc.
The name of this package is a bit of a misnomer. Yes, it does do some log file correlations, but it also shows other things, like currently logged in users (w), filesystem status (df -k), last dump (/etc/dumpdates) and the logs. I would say it's more of a system analysis tool. This won't replace other log file tools that search for anomalies but will give an “executive overview” of a system. Requires: Perl.
If you're running ipchains, netfilter or a Cisco firewall, this utility can grep your logs and display statistics regarding the traffic passing through (or even just to) your system. You must generate the iptables/ipchains logging rules (-j LOG in iptables) for whatever you want fwlogwatch to look for. If you enable netfilter debugging, it's like logging every single packet you see, so I don't recommend that just because of the sheer volume of logging, but it will definitely show you what your system is seeing. Requires: glibc.
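To show what kind of statistics can be pulled from entries written by a `-j LOG` rule, here is an added example (not fwlogwatch's code and not from the original column) that parses the key=value fields of netfilter log lines and counts packets per source, protocol and destination port. The log lines are constructed, and the `DROP_IN: ` log prefix is an assumed value of the rule's `--log-prefix` option.

```python
import re
from collections import Counter

# Constructed sample of syslog lines, in the key=value format written by the
# netfilter LOG target. Addresses are documentation ranges; "DROP_IN: " is an
# assumed --log-prefix value, not something taken from the column.
SAMPLE_LOG = """\
Mar  3 04:12:01 gw kernel: DROP_IN: IN=eth0 OUT= SRC=192.0.2.10 DST=198.51.100.5 LEN=60 TTL=52 PROTO=TCP SPT=40000 DPT=23 SYN
Mar  3 04:12:02 gw kernel: DROP_IN: IN=eth0 OUT= SRC=192.0.2.10 DST=198.51.100.5 LEN=60 TTL=52 PROTO=TCP SPT=40001 DPT=23 SYN
Mar  3 04:12:09 gw kernel: DROP_IN: IN=eth0 OUT= SRC=192.0.2.10 DST=198.51.100.5 LEN=60 TTL=52 PROTO=TCP SPT=40002 DPT=111 SYN
Mar  3 04:13:30 gw kernel: DROP_IN: IN=eth0 OUT= SRC=203.0.113.77 DST=198.51.100.5 LEN=78 TTL=110 PROTO=UDP SPT=1026 DPT=137
Mar  3 04:14:00 gw kernel: DROP_IN: IN=eth0 OUT= SRC=203.0.113.77 DST=198.51.100.5 LEN=84 TTL=110 PROTO=ICMP TYPE=8 CODE=0
Mar  3 04:15:00 gw sshd[812]: Failed password for root from 192.0.2.10 port 40100 ssh2
"""

FIELD = re.compile(r"\b([A-Z]+)=(\S*)")

def parse_line(line, prefix="DROP_IN: "):
    """Return the packet's fields as a dict, or None if not a firewall entry."""
    head, sep, body = line.partition(prefix)
    if not sep or "kernel:" not in head:
        return None
    fields = dict(FIELD.findall(body))
    # ICMP entries carry TYPE/CODE instead of ports, so DPT may be absent.
    if "SRC" not in fields or "PROTO" not in fields:
        return None
    return fields

def summarize(text, prefix="DROP_IN: "):
    """Count logged packets per (source, protocol, destination port)."""
    hits = Counter()
    for line in text.splitlines():
        pkt = parse_line(line, prefix)
        if pkt:
            hits[(pkt["SRC"], pkt["PROTO"], pkt.get("DPT", "-"))] += 1
    return hits

def report(hits):
    """Format the counts, busiest first, one line per group."""
    rows = sorted(hits.items(), key=lambda kv: (-kv[1], kv[0]))
    return [f"{n:4d}  {src:<15} {proto:<4} dpt={dpt}" for (src, proto, dpt), n in rows]

if __name__ == "__main__":
    print("\n".join(report(summarize(SAMPLE_LOG))))
```

A distinct log prefix per rule keeps firewall entries separable from the rest of the kernel messages in the same syslog file.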
MasarLabs System Monitor: www.masarlabs.com/msysm.html
This is another graphical utility used to show various settings and loadings on your system. It is highly configurable and modular, with modules that show apm, clock, CPU, disk status, mail, memory, network status, serial status, swap, network IP, PCMCIA and ppptime. Mix and match in any order you want, in one row across, one row down or in various rows across. Want to just “fill a hole”? Select the empty module. My only complaint is the inability to resize the graphics, which look fine on a screen up to 1024 x 768 but are too small on a screen of 1600 x 1200. Requires: libX11, libXpm, libdl, glibc.
Automated Password Generator and tkapg: http://www.adel.nursat.kz/
This password generator can be configured to produce pronounceable passwords as well as totally random “white noise” passwords. apg can further check these passwords against a dictionary file. This utility comes as a standard program as well as a dæmon that can be run by inetd to service requests on the network (this may not be a good idea unless all network traffic is encrypted). The author also provides separately a tk utility to access and display generated passwords. These two programs make short work of excuses for bad passwords. Requires: glibc; tkapg also requires Tcl/Tk.
This utility, designed to be run in a video terminal (VT), shows the status of your PPP connection. All statistics are shown, including IP address and a graphical display of throughput. It's perfect if you have a system that acts as a firewall/dial-up. Its one drawback is it doesn't have an option to lock the screen when invoked so you can leave it up while unattended. Requires: libncurses, glibc.
Text WINdows Manager: http://linuz.sns.it/~max/twin/
Any of you remember the old DOS (DR-DOS or MS-DOS) programs like the Norton Window utility (the name slips my mind) that gave you a window in DOS? How would you like a trip down memory lane? Well TWIN can provide you that trip. It can also provide you with an extremely lightweight term window (or multiple term windows) on one VT. Nice thing is, it also works in X if you're so inclined. I think my laptop just became a non-X piece of hardware. Requires: glibc.
If you are a realtor, or know any realtors, then this software will be of interest. It claims to be simple enough for a realtor to set up, and I imagine that means techn-eaderthal realtors. Well, that may be a slight exaggeration but not much of one. It will require that someone make adjustments to the index.php page, but, beyond that, this is the simplest package to administer I've seen in a while. I wish realtors had something like this set up the last time I was looking for a house in the States. If you're not in the US, you might need to make some adjustments (including translations), but it would be a trivial undertaking. Requires: web server with MySQL and PHP4, web browser.
Until next month.