Thursday, May 1, 2008
Encrypted filesystems for Linux
There are a few encrypted filesystems for Linux. Ones aimed at distributed filesystems (NFS replacements): - "CFS", which has been packaged and is available from non-us.debian.org. - "TCFS", http://tcfs.dia.unisa.it/ I used CFS several years ago and it seemed to work well. My only complaint was that triple DES was a bit slow on my 486/33. Another approach which I am currently using involves patching the kernel to provide kernel level encrypted filesystems. I have updated a patch for kernel 2.0.36 which was originally released in 1996 for kernel 2.0.11. I have gotten good results with this using IDEA encryption on systems ranging from a 486/33 to PII-350. There are now encryption patches available for the new 2.2.x kernels. ftp://ftp.kerneli.org/pub/linux/kerneli/v2.2/patch-int-2.2.1.1.gz will add encryption to linux 2.2.1. I have not used this patch yet, but I will give it a try as soon as I update to slink and have a 2.2.x compatible system. When unmounted, the ability to scan the raw partition will not give your cracker any useful information. If they are really determined, they could scan raw /tmp and swap partitions for traces of sensitive data. Whether this is an issue depends on your required security level. When mounted, a root cracker would be able to read the all files on the partition. Mounting the partition requires a passphrase. The kernel approach will require patching and building custom versions of the kernel and mount programs.
Wednesday, April 30, 2008
Protection Of SSH from Hackers
This Is used to add an additional layer to The System Security
# !/bin/sh
#
# swatch This shell script takes care of starting and stopping
# swatch.
#
# chkconfig: 2345 81 31
# description: Swatch is a System WATCHdog program that we are
# using here to block repeated failed ssh logins.
# processname: swatch
RETVAL=0
test -x /usr/bin/swatch || exit 0
start(){
echo "Starting swatch"
# Spawn a new swatch program
/usr/bin/swatch --config-file=/etc/swatchrc --tail-file=/var/log/secure --awk-field-syntax --tail-args "-F" &
echo $PID
return $RETVAL
}
stop () {
# stop daemon
echo "Stopping swatch:" $PROG
killall swatch
return $RETVAL
}
restart () {
stop
start
RETVAL=$?
return $RETVAL
}
case "$1" in
start)
start
;;
stop)
stop
;;
restart)
restart
;;
*)
echo "Usage: $0 {start|stop|restart}"
RETVAL=1
esac
exit $RETVAL
# !/bin/sh
#
# swatch This shell script takes care of starting and stopping
# swatch.
#
# chkconfig: 2345 81 31
# description: Swatch is a System WATCHdog program that we are
# using here to block repeated failed ssh logins.
# processname: swatch
RETVAL=0
test -x /usr/bin/swatch || exit 0
start(){
echo "Starting swatch"
# Spawn a new swatch program
/usr/bin/swatch --config-file=/etc/swatchrc --tail-file=/var/log/secure --awk-field-syntax --tail-args "-F" &
echo $PID
return $RETVAL
}
stop () {
# stop daemon
echo "Stopping swatch:" $PROG
killall swatch
return $RETVAL
}
restart () {
stop
start
RETVAL=$?
return $RETVAL
}
case "$1" in
start)
start
;;
stop)
stop
;;
restart)
restart
;;
*)
echo "Usage: $0 {start|stop|restart}"
RETVAL=1
esac
exit $RETVAL
Sunday, April 27, 2008
ATI & Nvidia: Resume, Good News, Bad News
ATI & Nvidia: Resume, Good News, Bad News
If you're using ATI or Nvidia's binary drivers on a laptop, you've probably noticed that resuming from suspend & hibernate doesn't work so well. The fix is pretty simple, but definitely not intuitive.
Hit alt+f2 (or if you use KDE whatever their runbox thing is...or use a terminal)
Type in gksu gedit /etc/default/acpi-support (replace gksu gedit with kdesu kate if you use KDE)
Scroll to Line 17, which says MODULES="" and put fglrx (if you use ATI) or nvidia (if you use Nvidia) in the quotes
Save and exit
This will make the computer automatically unload your ATI or Nvidia drivers when you hibernate/suspend and reload them when you resume. If for some reason it still doesn't work perfectly (like the 3D is gone when you come back), try turning off Compiz before you suspend or hibernate. I've seen that mess with things too.
In the realm of good news, ATI has agreed to release open source drivers for Linux, just like Intel did years ago. Yay! In the realm of bad news, Nvidia still has not. We want to put pressure on Nvidia to rise to ATI's and Intel's challenge, do we not? Please take a moment to sign the Open Letter to Nvidia asking for fully free and open source 3D-accelerated Nvidia graphics drivers for Linux (8,264 signatures at time of posting) and Digg It. In case you aren't aware, there are 2D open source (barely...the code's fairly well obfuscated) Nvidia drivers on Linux, but that's not good enough for games or for Compiz. Nouveau has been working on creating these 3D open source Nvidia drivers for a while now by reverse engineering and doing lots of hardware probing. For now, they've got better 2D than Nvidia's own open source driver (haha) and some experimental 3D support on the cards the developers have in their own computer and therefore get to mess with the most.
If you're using ATI or Nvidia's binary drivers on a laptop, you've probably noticed that resuming from suspend & hibernate doesn't work so well. The fix is pretty simple, but definitely not intuitive.
Hit alt+f2 (or if you use KDE whatever their runbox thing is...or use a terminal)
Type in gksu gedit /etc/default/acpi-support (replace gksu gedit with kdesu kate if you use KDE)
Scroll to Line 17, which says MODULES="" and put fglrx (if you use ATI) or nvidia (if you use Nvidia) in the quotes
Save and exit
This will make the computer automatically unload your ATI or Nvidia drivers when you hibernate/suspend and reload them when you resume. If for some reason it still doesn't work perfectly (like the 3D is gone when you come back), try turning off Compiz before you suspend or hibernate. I've seen that mess with things too.
In the realm of good news, ATI has agreed to release open source drivers for Linux, just like Intel did years ago. Yay! In the realm of bad news, Nvidia still has not. We want to put pressure on Nvidia to rise to ATI's and Intel's challenge, do we not? Please take a moment to sign the Open Letter to Nvidia asking for fully free and open source 3D-accelerated Nvidia graphics drivers for Linux (8,264 signatures at time of posting) and Digg It. In case you aren't aware, there are 2D open source (barely...the code's fairly well obfuscated) Nvidia drivers on Linux, but that's not good enough for games or for Compiz. Nouveau has been working on creating these 3D open source Nvidia drivers for a while now by reverse engineering and doing lots of hardware probing. For now, they've got better 2D than Nvidia's own open source driver (haha) and some experimental 3D support on the cards the developers have in their own computer and therefore get to mess with the most.
Create/Find Hardware Reviews
Create/Find Hardware Reviews
Another release, another round of hardware that's never touched Linux having its virgin run. Also a lot of people going "but will my hardware work?" Please, please, take 15-30 minutes out of your day and review your hardware somewhere—or in more than one somewhere.Here are some suggestions:
Hardware Testing - At the very least do this one. It's built into Ubuntu. On Gutsy, it's in Applications -> System Tools. In Hardy, System -> Administration -> Hardware Testing. It'll run you through a few tests, asked if it worked, and ask for comments, then it submits the info to the Ubuntu devs using your Launchpad login. I don't think this is something that publicizes the results for easy shopping. The others all do.
Linux on Laptops - If you're a laptop user, take a look. Is your model listed? Is it up to date? If the answer to either question is "no," please submit the information. You can either make a webpage (they have a template) and send them a link or send the info as an attachment.
UbuntuHCL - Sign up and add your parts to their online database. It lets you filter the listing in lots of nice ways to look up info before making a purchase. One thing I like is that the results show a listing of parts with their average rating so you can take a nice list to the store.
Dohickey - Dohickey has a nice graphical client that asks you how well your hardware works, how hard it was to get working, etc. after auto-detecting what it all is. It then submits your results to its database which anyone can browse to find out what parts work well and easily, just like with UbuntuHCL.
Ubuntu Wiki - Lots of pages where you can add info, drilling down into the different categories of hardware. There are listings for prebuilt desktops, laptops, and individual parts.
Another release, another round of hardware that's never touched Linux having its virgin run. Also a lot of people going "but will my hardware work?" Please, please, take 15-30 minutes out of your day and review your hardware somewhere—or in more than one somewhere.Here are some suggestions:
Hardware Testing - At the very least do this one. It's built into Ubuntu. On Gutsy, it's in Applications -> System Tools. In Hardy, System -> Administration -> Hardware Testing. It'll run you through a few tests, asked if it worked, and ask for comments, then it submits the info to the Ubuntu devs using your Launchpad login. I don't think this is something that publicizes the results for easy shopping. The others all do.
Linux on Laptops - If you're a laptop user, take a look. Is your model listed? Is it up to date? If the answer to either question is "no," please submit the information. You can either make a webpage (they have a template) and send them a link or send the info as an attachment.
UbuntuHCL - Sign up and add your parts to their online database. It lets you filter the listing in lots of nice ways to look up info before making a purchase. One thing I like is that the results show a listing of parts with their average rating so you can take a nice list to the store.
Dohickey - Dohickey has a nice graphical client that asks you how well your hardware works, how hard it was to get working, etc. after auto-detecting what it all is. It then submits your results to its database which anyone can browse to find out what parts work well and easily, just like with UbuntuHCL.
Ubuntu Wiki - Lots of pages where you can add info, drilling down into the different categories of hardware. There are listings for prebuilt desktops, laptops, and individual parts.
Frozen Xwindow
Frozen Xwindow.
If your Xwindow freezes sometimes, here are two ways that you may try to kill your server. The first is the simple simple way of killing your X server the key combination: Ctrl+Alt+Backspace
The second way is a little more complicated, but it works most of the time. Hit Ctrl+Alt+F2 to startup a virtual console, then log in with your user name and password and run:
# ps -ax grep startx
This will give you the PID of your Xserver. Then just kill it with:
# kill -9 PID_Number
To go back to your first console, just hit Alt-F1
If your Xwindow freezes sometimes, here are two ways that you may try to kill your server. The first is the simple simple way of killing your X server the key combination: Ctrl+Alt+Backspace
The second way is a little more complicated, but it works most of the time. Hit Ctrl+Alt+F2 to startup a virtual console, then log in with your user name and password and run:
# ps -ax grep startx
This will give you the PID of your Xserver. Then just kill it with:
# kill -9 PID_Number
To go back to your first console, just hit Alt-F1
Customizing your directory colors
Customizing your directory colors.
I know a lot of you know the command ls --color. Which displays your directory with colors. But, a lot of people may not know that those colors are customizable. All you need to do is add the following line to your /etc/bashrc file.
eval `dircolors /etc/DIR_COLORS`
And then all of the color configuration can be found in the file /etc/DIR_COLORS
I know a lot of you know the command ls --color. Which displays your directory with colors. But, a lot of people may not know that those colors are customizable. All you need to do is add the following line to your /etc/bashrc file.
eval `dircolors /etc/DIR_COLORS`
And then all of the color configuration can be found in the file /etc/DIR_COLORS
Linux-My Opinion
I have been using linux for 3 years now and found it quite realiable.I dont know why people hate to use linux.I know its a little bit tough but ultimately we learn to use it.Even I when started to use linux I was not knowing how to use it......but these three years i have been learning sumthing or the other thing virtually everyday.First I used linux for its looks and graphics and still today i am mad after it.they are just awesome.and it does get better and better as u can see with fedora core 8 coming up.Linux is quite a good OS to use and is also a lot stable than other OS.so guys think about it.I will b uploading various new tips and tricks...and yeah u all can help me make my site better....everyone is welcome.for all newbies u can try on ur hands on Linspire or SuSE.I will uplload some free links for these distros shortly.
Subscribe to:
Posts (Atom)
