Focus on Software

Everywhere I look, I see (and install) more and more Linux desktops.

Well, it looks like all the big boys (Red Hat, Caldera, Mandrake, etc.) have thrown in their hats and said, “Linux is not ready for the desktop.” At least that's the message. Hey, Microsoft, you won without a fight! I don't know what the CEOs of these companies are smoking, but it must be very strong stuff. Everywhere I look, I see (and install) more and more Linux desktops. And you know what? The folks for whom I do the installs don't understand why they couldn't have a desktop before that was this robust, this good, this inexpensive. But these now publicly held companies I mentioned above are talking about 1) raising the price and 2) charging a per-CPU license. As far as they're concerned, the free ride is over. Time to pay the Linux distributors. If I didn't find Debian's GNU politics so annoying, I'd start using it. Maybe it's time to start my own distro? Or at least one for my clients? At least that would eliminate the unpleasant surprises that accompany each new release, and I could decide what's best for my clients rather than using a distribution whose creators seem increasingly out of touch with what's happening with their VARs and customers.

webCDwriter:

http://www.uni-bielefeld.de/~jhaeger/webCDwriter/

Now this is nice (and convenient). webCDwriter lets you surf over to your web server/CD burner and burn a CD of files on your local machine across the network. This is truly convenient, and any user can do it. In fact, its simplicity and ease of use may be its biggest drawback. You may find your CD burner is suddenly running overtime burning CDs from all over your network. No more excuses for not having a burned copy of important files and directories because the CD burner is on a remote system, and it's inconvenient transferring the files. Guess I'll have to invent yet another excuse. Requires: Java, cdrecord, mkisofs, web server, web browser w/ Java support.

Heroes:

http://heroes.sourceforge.net/

This particular game is a cross between Snakes and Nibbles, based on the old DOS Heroes game. The graphics are quite good, and game play is fast. The complete Heroes code includes a large number of soundtracks, more levels than most normal gamers can play in a night and several game modes. Requires: libm, libmikmod, libpthread, libdl, libSDL, libartsc, libX11, libXext, glibc.

Port Scan Attack Detector:

http://www.cipherdyne.com/psad/

This Perl utility takes advantage of iptables or ipchains logging and uses the logged information to determine whether the system is under attack. The parameters are highly configurable. psad can send an e-mail to the administrator when it sees a scan. The e-mail will include custom whois information. This is a fairly simple but effective tool (along the lines of courtney), but it doesn't put your Ethernet card in promiscuous mode and will watch only those ports you have logging on. Requires: Perl, Perl modules: Socket, Getopt::Long, File::Stat, and Data::Dumper.

iptrap:

http://www.jedi.claranet.fr/

If you are very paranoid or just under attack often (as my servers are), you can block offending IPs quickly and easily with this tool. I tested it on my local system that does not run mail. Telling it to block any host hitting port 25, I Telnet to another system, then Telnet back to the local system on port 25. Instantaneously, I had a rule inserted in the input chain. I had told it to REJECT rather than use the default DROP, and the resulting iptables rule showed a reject with port-unreachable. Nice. This will be put to good use. Can also run external scripts that e-mail you the output from a `dig -x <offending IP>`. Requires: glibc and iptables (or ipchains).

Password Expiration Agent:

download only: http://frida.fri.utc.sk/~behan/devel/passwd_exp/

This script, run daily, will look through your /etc/shadow file and send an e-mail to any user whose account is about to expire or be disabled. Personally, as an administrator, I like to get the list and send out notifications where appropriate myself. But if you have a lot of accounts or just don't want to bother, this is the way to do it. Requires: Perl, Perl modules provided by author (RcRecord.pm, spent.pm).

______________________

Webinar
One Click, Universal Protection: Implementing Centralized Security Policies on Linux Systems

As Linux continues to play an ever increasing role in corporate data centers and institutions, ensuring the integrity and protection of these systems must be a priority. With 60% of the world's websites and an increasing share of organization's mission-critical workloads running on Linux, failing to stop malware and other advanced threats on Linux can increasingly impact an organization's reputation and bottom line.

Learn More

Sponsored by Bit9

Webinar
Linux Backup and Recovery Webinar

Most companies incorporate backup procedures for critical data, which can be restored quickly if a loss occurs. However, fewer companies are prepared for catastrophic system failures, in which they lose all data, the entire operating system, applications, settings, patches and more, reducing their system(s) to “bare metal.” After all, before data can be restored to a system, there must be a system to restore it to.

In this one hour webinar, learn how to enhance your existing backup strategies for better disaster recovery preparedness using Storix System Backup Administrator (SBAdmin), a highly flexible bare-metal recovery solution for UNIX and Linux systems.

Learn More

Sponsored by Storix