Linux Articles

Running Programs in Response to Sniffed DNS Packets – Stealthily Managing Iptables Rules Remotely, Part 2

Last time we set up a Perl script that would use the Net::Pcap module to sniff the network and print information about DNS requests to standard output. The output looks like this:

sourceipaddr -> destipaddr: dnshostname

Nmap Version Detection Rocks

Most people have heard of Nmap, the ubiquitous portscanner and more, available at http://www.insecure.org/nmap/. Recently, a new version of Nmap was released with a new and frequently requested feature – version scanning.

The Wrong Way to Upgrade Your RPMs

Most Linux distributions use the RPM[1] format for their software packages. RPMs are managed by the rpm program, which typically lives at /usr/bin/rpm.[2]

The Mysteriously Persistently Exploitable Program

This week, we’ll take a look at a successful and somewhat puzzling machine compromise. The machine in question was a production machine that had been up and running for about a year – one of those machines that had so much on it that you’re afraid to ever reboot it, lest something not come back up.

Monitoring File or Directory Changes

Many modern systems provide a way to watch a directory for events (new files, reading the directory, modification of a file in the directory, etc.). This facility can be done in various ways, from providing hooks in the filesystem code itself to something that watches for inode changes. Linux and BSD have several possibilities in that regard, including dnotify, changedfiles, and watch.

In Defense of Unix (and Linux, of course)

Warning: This article contains strong language and unpopular opinions. Reading of this material by Windows advocates may cause severe gastric distress followed by a desire to strike the author sharply about the head. As the author does not enjoy being pummeled, such persons are kindly requested to return whence they came and do something else.

GNU Linux Security

People consider GNU, free software and open source software to be unsafe and easily compromised because their source code is readily available, which isn’t correct. This article specifically covers the security of the GNU Linux operating system and will help the reader enable its security parameters for added safety.

Restricting Access by Time of Day

You want a service to be available only at certain times of day.

Encrypting Backups

You want to create an encrypted backup.

Unix Permissions

These are classic Unix permissions. However, many modern Unixes support extended attributes that go beyond this. We’ll look at one example of that later in the article. You also need to know that Unix and Windows permissions don’t map well to each other, so if you are using something like Samba or Visionfs, you need to understand how permissions will be shown and honored. Some examples of that are shown later.

Virtual PC for Mac OS X

Virtual PC for Windows, Mac (OS 9 or X) and OS/2 creates virtual machines that can run multiple Windows versions. This is particularly advantageous for Mac users, but even ordinary PC users can find value in this. It’s easy to have Linux, Windows 98, Windows ME, 2000, XP Home and XP professional all on the same machine.

Administer Linux on the fly

The /proc filesystem is one of Linux’s great features, and this article gives you a thorough grounding in some of its most useful aspects. With it, you can administer many details of the operating system without ever having to shut down and reboot the machine, which is a boon for those who need to keep their systems as available as possible.

Building A Linux Router

Building a reliable, full-featured broadband router can be very easy and cost-efficient. This article is about building one for routing a LAN to the Internet with NAT (Network Address Translation; Linux users also call it IP Masquerading) using an old computer and a Linux micro-distribution designed to have very low hardware requirements. We’ll end up with a very simple and stable system that still features, for example, iptables-based stateful firewalling and remote administration.

Overview of the RHCE

If the company Red Hat has its way, its Red Hat Certified Engineer (RHCE) credential will eventually replace Microsoft’s MCSE certification as king of the network operating system hill.

How to Connect Two PC via SLIP Using A Null-Modem Cable on Linux

In this article we’ll describe how to connect two PCs via the SLIP protocol using a null-modem cable. After this procedure, the two PCs will be connected and the IP protocol will be available for interworking, so using IP applications (e.g. telnet, ftp, ping) will be possible.

Setting Up a Linux Modem

Almost all modems manufactured today are software modems, usually referred to as “winmodems”. Even though we pay a lot for a winmodem, they are cheap to manufacture because they use very little electronics. The functions that should be performed in hardware are emulated by software. This places an extra processing burden on your computer’s CPU. Winmodems will not work with Linux unless you can locate a special “Linmodem” driver.

Securing Linux

Here we go again. I decided to write another article concerning some overall security aspects of installing and running Linux. To keep it short and simple, here are some good pointers to enhancing your system’s security. But remember, there’s no absolute security, so keep your eyes open, subscribe yourself to a few good mailing lists, and keep your software up-to-date.

Hyper-Threading speeds Linux

The Intel Xeon processor introduces a new technology called Hyper-Threading (HT) that, to the operating system, makes a single processor behave like two logical processors. When enabled, the technology allows the processor to execute multiple threads simultaneously, in parallel within each processor, which can yield significant performance improvement. We set out to quantify just how much improvement you can expect to see.

Emacs Beginner’s Tutorial

Emacs is one of the most popular and powerful text editors used on Linux (and Unix). It is second in popularity only to vi. It is known for its huge feature set, ability to be easily customized, and lack of bugs. Its large feature set and ability to be customized actually are the result of how Emacs was designed and implemented. Without going into all the details, I’ll simply point out that Emacs isn’t “just an editor”. It is an editor written mostly in the programming language Lisp.

Security Administration with Debian GNU/Linux

Debian has a package manager (DPKG) that resolves dependency problems automatically. It helps us keep programs up to date automatically by looking for new versions on the internet and resolving and completing the file and library dependencies that a package requires, making system administration easy and keeping us up to date with new security changes. It also shows some important and substantial security features: it doesn’t have commercial goals, it doesn’t obey mercantile urgencies, it has a good pursuit of errors, problems are fixed in less than 48 hours, and its priority is to develop a complete and reliable operating system.

Linux File Permission Confusion

File permissions, the most basic form of security control that exists on Unix-like systems, are still misunderstood by many.