Striking a Nerve
Recently it seems I hit on three very hot topics (all at once, too), that is if the volume of mail I've received is any indicator. The first of these topics can be reduced to library versioning problems on distributions and my need to keep several kernels of varying levels running to make everything I wanted to compile and run do so. Guess I'm not the only one. Perhaps a plea to programmers not to use the latest bleeding-edge library version would help, and this would be the LJ issue for that. So programmers, if you're listening, how about helping us users out!
The second issue that struck home was spam. We've seen the fall of ORBS followed closely by ORBZ. A number of other blacklists have sprung up in their place like weeds, but without a track record, just good intentions. The Razor database is suspect, with Razor sidelining several mailing-list messages that were obviously not spam. So lists and databases only work so well. I've looked over yet another antispam package that seems promising and is tunable. Let's see how that turns out (see SpamAssassin below).
Finally, a lot of folks are eager to dump Windows but can't seem to replace that Quicken package. Financial packages are dull, uninteresting and few programmers willingly commit the programming career equivalent of hara-kiri by writing one of these packages. But they are needed. One package with some promise has gone from open- to closed-source. I don't review commercial packages, but those of you needing a personal financial package might take a look at MoneyDance on the AppGen site (www.appgen.com).
I've looked over a very large number of spam filters, and not one is perfect. It seems some folks have been poisoning the well where Vipul's Razor database is concerned, so I tried SpamAssassin, which has a setup similar to Vipul's Razor. One thing about SpamAssassin, it's easily reconfigured. During my test period, I had several hundred spam messages identified. I only had one spam at 4.6 make it through and one friendly message at 5.5 get sidelined. But SpamAssassin allows you to create white and black lists. So if you have friends in, say, Costa Rica who use acr.co.cr in their e-mail addresses, you can whitelist only their specific address, while the spam kings using acr.co.cr are summarily sent to /dev/null. Excellent. Requires: Perl, Perl modules Net::DNS, Mail::Internet, Net::SMTP and procmail.
For all you ham operators out there, this is a great logging tool for your contacts. You can have multiple logs. You can add and delete bands in Preferences. The date is filled out, and on contact you just click the Time button and the time is filled in. Fill in the calling/responding station, add some remarks, select the band and click Add. You can search the log and more. It has an extremely user-friendly interface—heck, even a non-ham could work this log! And I should know. Requires: libgtk, libgdk, libgmodule, libglib, libdl, libXext, libX11, libm, glibc.
Remote Accounts Handler www.entropika.net/racs
This particular Bash script goes a little beyond gpasman. Not only does it store a list of your remote accounts and logins in GPG-encrypted form, it also allows you to connect to them by calling Racs with the alias for your remote account as the argument. It then fires up the application (SSH, Telnet, FTP, SFTP, HTTP, MySQL) and connects you to the account. Requires: Bash, expect, dialog (optional), GPG.
This Perl application will index all your files so you can perform a word search à la htDig or another search engine. But it also works locally on your hard disk and anywhere you have read privileges. So if, like me, you have years' worth of text-type documents and would like a word index of them, check out Penetrator. Its first run may take awhile, but after that, adding entries are quick and easy. If you take advantage of the optional SQL capabilities, you can perform SQL searches on the database without Penetrator's help. Requires: Perl, Perl modules DB_File, Getopt::Long, DBI::Pg (optional).
This utility sleeps in the background until a directory it is watching has a file accessed or changed in a predetermined way; it will then perform the specified command. This utility could be of particular value as part of an intrusion detection system. Find a rootkit? Let dnotify send you a message when the directory containing the file has been accessed. Requires: glibc.
Here's a different idea in a clock. It will tell you the time, but also shows you (provided you've set your preferences to the appropriate lat/long) your relative day/night position. This one is just for fun. Requires: JVM2.
Three years ago I reviewed Ted, an excellent RTF word processor, Nessus, a security check program and Nmap, a network scanner. A tough choice, but I went for Nessus.
Okay, I cheated a little. Nessus uses Nmap as part of its routine. Nessus is probably the most complete and powerful security auditing tool available at any price, and this one's free. If you use the development release, you'll get a good look at all your vulnerabilities so you can do something about them. If you are responsible for network security, this package is a must-have. Requires: libX11, libXext, libXi, glibc, libdl, libgdk, libglib, libg mp2, libgtk, libm, libnsl, libresolv.
Until next month.
David A. Bandel (firstname.lastname@example.org) is a Linux/UNIX consultant currently living in the Republic of Panama. He is coauthor of Que Special Edition: Using Caldera OpenLinux.
Fast/Flexible Linux OS Recovery
On Demand Now
In this live one-hour webinar, learn how to enhance your existing backup strategies for complete disaster recovery preparedness using Storix System Backup Administrator (SBAdmin), a highly flexible full-system recovery solution for UNIX and Linux systems.
Join Linux Journal's Shawn Powers and David Huffman, President/CEO, Storix, Inc.
Free to Linux Journal readers.Register Now!
- The Qt Company's Qt Start-Up
- Devuan Beta Release
- May 2016 Issue of Linux Journal
- EnterpriseDB's EDB Postgres Advanced Server and EDB Postgres Enterprise Manager
- The US Government and Open-Source Software
- Open-Source Project Secretly Funded by CIA
- The Humble Hacker?
- The Death of RoboVM
- New Container Image Standard Promises More Portable Apps
- BitTorrent Inc.'s Sync
In modern computer systems, privacy and security are mandatory. However, connections from the outside over public networks automatically imply risks. One easily available solution to avoid eavesdroppers’ attempts is SSH. But, its wide adoption during the past 21 years has made it a target for attackers, so hardening your system properly is a must.
Additionally, in highly regulated markets, you must comply with specific operational requirements, proving that you conform to standards and even that you have included new mandatory authentication methods, such as two-factor authentication. In this ebook, I discuss SSH and how to configure and manage it to guarantee that your network is safe, your data is secure and that you comply with relevant regulations.Get the Guide