Thursday, July 31, 2008

How To Kill Application Process ID (PID) The Faster Way

At times, we need to kill an application immediately for some reasons. Sending a termination signal to a process rehups and kills a process ID (PID). This can easily be done in several ways.

Here are many alternatives way on killing PIDs.

Kill A Process ID

Traditionally, with X installed, one can install a taskbar shortcut named force quit and use that shortcut to a kill an existing application directly by simply left-clicking on the application's window area. Force quit then kills the corresponding application's PID easily.

Next, is by using the linux command kill from terminal. Linux command kill requires an explicitly defined  process ID as a parameter to kill the specific process ID.

Now, here's a faster way to kill a process ID by simply defining the binary name of the program and using pkill from terminal.

PKill Usage

# pkill program-name

For example, launch kopete binary. To kill kopete PID, simply

# pkill kopete

Another example, launch ksnaphot. To kill ksnapshot using pkill

# pkill ksnapshot

Pkill simply looks up the currently specified process name and immediately terminates it.

All is done.

How To Install Fedora 9 From The Internet

Fedora 9 Linux OS can be installed from many variety of ways. There are a lot of Fedora ISOs you can download depending on your system architecture and resources. One of which is that Fedora 9 can be installed via the internet.

Here's how to install Fedora 9 from the internet.

Fedora 9 Installation via Internet

Step One

If you have  x386 users, download Fedora 9 net iso from here. But if you have x86_64, download F9 net ISO from here.

The F9 net ISO is around 115MB in size.

Step Two

Burn the ISO to CD. Insert your CD to your CD drive and reboot from it.

Step Three

Anaconda installer would finally ask you where to get F9 rpm packages and where are they available from.

For x386 users, simply enter

http://download.fedora.redhat.com/pub/fedora/linux/releases/9/Fedora/i386/os/

For x86_x64

http://download.fedora.redhat.com/pub/fedora/linux/releases/9/Fedora/x86_64/os/

Follow the Anaconda wizard type of installation and select all your required software packages. Worry not for dependencies as it would be carefully taken care of.

Relax and get a tea, all will be set in a few moments depending on your internet speed.

All is done.

This post was entirely based from Fedora Forum post. To get F9 CD ISOs, get it here.

How To Install PHP5 and Apache HTTP Server

Apache HTTP server is responsible for most web servers around the world. It empowers most longest running web servers around the WWW. While PHP5 is web development tool you could use to run along with Apache web servers.

Here's a quick and easy way to install Apache and PHP5 on your Fedora boxes.

To install Apache and PHP5, simply launch yum to fetch all necessary rpm dependencies.

Apache Installation

# yum -y install httpd

PHP5 Installation

# yum -y php.i386

Start Apache Service

# service httpd start

Check Apache Service

Fireup your browser and browse your current IP address or your localhost

http://localhost

These files are located under /var/www/ by default installation and setup.

All is done.

How To Display The Number of Processors in Linux

On Linux, /proc/cpuinfo file contains all of the processor information from your system. This includes the processor speed, vendor id, cpu family, model, model name, CPU MHz, cache size and many more.

To mainly determine how many processors your system has, simply parse /proc/cpuinfo details from command line terminal as shown

# cat /proc/cpuinfo | grep processor | wc -l

The above command shows the total number of processors a system currently have.

This command is helpful specially on remote linux servers wherein you don't have physical access and you have nobody to tell you how many processors does that remote server have.

Remember that dual core CPU are reported as a separate processor unit.

How To Prevent Alt+F1 and Alt+F2 TTY Console Login Attempts

Linux multiple consoles are easily accessible from keyboard combinations by simply by hitting Alt+F1 for first TTY console, Alt+F2 for second TTY console up to sixth (Alt+F6) TTY consoles. This console easily brings you linux tty login consoles.

If for some reasons you wish to restrict and prevent any TTY console login attempts with your linux boxes, you can prevent this by closing selective linux TTY consoles.

Disabling Selective Linux TTY Login Consoles

Step One

For example, to close Alt+F1 and Alt+F2 (TTY1 and TTY2) login screen consoles, backup and modify /etc/securetty file and remove the console number tty1 and tty2, as shown below.

tty3
tty4
tty5
tty6

Save and exit.

Step Two

Hit Alt+F1 and Alt+F2 to check if these tty login consoles have been successfully deactivated. No need for restarts.

All is done.

How To Install Text-based File Manager

A decade ago, file operations on operating systems has been really quite eeery and so technical. File deletion, management and operation under MS-DOS and IBM-DOS with black text background tends to scare newbies on doing simple file tasks. Until file manager application has been introduced. One of them was Midnight commander.

If you wish not to use X and still do file management and operations with friendly interface from linux command line, read on.

Midnight Commander is a visual shell much like a text-based file manager, only with many more features. Midnight commander not only works in text mode application but also supports mouse movements and commands. Midnight Commander's best features are its ability to FTP, view tar and zip files, and to poke into RPMs for specific files. Another power feature is the ability to switch back and forth between two disk direction locations panned from left and right pane keeping separate operation tagging at the same time.

Midnight Commander (MC) is a fashioned to be very powerful but user-friendly file manager and visual shell designed both for linux novice and guru alike. MC provides a powerful linux operation, yet maintaining its application's function effectively and productively. Midnight Commander supports both local and remote operation under linux CLI or under X Window system which makes it a powerful and flexible tool on linux plafform.

Midnight commander had definitely helped a lot of us crawling over file management and operations under DOS or linux terminal mode.

Midnight Commander Fedora Installation
Fedora makes application installation quite simple by having a centralized and resynced Fedora repo. MC rpm binary is included and can be installed using yum like so

# yum -y install mc

Midnight Commander Binary Launch

# mc

Webshot:


That is all, enjoy.

Related Readings:
File Management and Operation with Thunar
Linux File Rename

How To Delete Linux Files Older Than 360 days

Searching files recursively for deletion can be real exchausting specially if the target files are queried by their file age. Recursive searching in all linux distribution can be done by using linux find command as find linux command makes recursive searches real easy.

Find command is so powerful that it can actually boosts file management operations specially on recursive file operations.

Here's how to delete files that are older than 365 days from your linux file system.

Find all MP3 files from /home/user folder and delete them if they are more than 360 days old

# find /home/user  -name '*.mp3' -mtime +360 -exec rm {} \;


The above command specifies

/home/user   as the target folder location

*.mp3  as the exact target files to delete, remember linux is case-sensitive

-mtime as find parameter to check for file age

360 as the file age triggerpoint to delete any found file

-exec as a linux command concatenation to execute the next command while doing the first linux command

rm as the linux file delete command

{} \; as the loopback parameter to repeat the search and file deletion back again

To avoid any interaction when deleting files, simply change

rm {}

to

rm -rf {}

Be careful of using this find and delete command, as it does file deletion recursively. This command can be used to clean up old files from FTP and Samba file servers using linux job scheduling.

All is done.

Related Post:

HowTo: Delete All Thumbs.db Recursively

HowTo: Find And Count JPG Files Recursively

Delete Zero-sized Filename Recursively

Find Hidden Linux File Recursively

Move Linux Files Recursively

Rename Linux File Recursively

Delete Files and Folders Recursively

How To Install VirtualBox on Fedora 9

VirtualBox has been recently bought by Sun Inc, the maker of Sun's Java. VirtualBox had proven to do their job when it comes to operating system virtualization. Virtualization using Virtualbox had come to a long way, which enabled every virtual users and system admins to further evaluate different virtual machines to perform its task without even buying any additional hardware.

What is VirtualBox?

VirtualBox is a powerful PC virtualization solution allowing you to run a wide range of PC operating systems on your Linux system. This includes Windows, Linux, FreeBSD, DOS, OpenBSD and others. VirtualBox comes with a broad feature set and excellent performance, making it the premier virtualization software solution on the market.

VirtualBox Installation

Here's how to install VirtualBox to Fedora 9.

Step One

Download VirtualBox binary from Sun site. Choose your proper operating system. To install it into Fedora, Download it here. The download package is about 21MB in size.

Alternatively, you can use yum to install Virtualbox as shown below

# yum -y install VirtualBox

After doing installation via yum, proceed to step three.

Step Two

Install Virtualbox rpm package using rpm package manager

# rpm -ivh VirtualBox-1.6.2_31466_fedora9-1.i586.rpm

Step Three

Execute VirtualBox binary and respond the next installation procedures as shown below

# VirtualBox

Accept VirtualBox license and you are good to go.

All is done.

More VirtualBox info can be found here.

Wednesday, July 30, 2008

HowTo: Delete All Thumbs.db Recursively

An offline messages just arrive from a fedora newbie trying to polish more of his FTP administration skills.

After quite some time of establishing his fully functional FTP server via VSFTP, he then realized that most of their staff with windows-based desktops usually Selects ALL files, Copy and Paste to FTP site, the normal non-techie way. Unaware that selecting all files from currently working windows folder also selects the Thumbs.db file to be uploaded to that same FTP server.

This Thumbs.db file is by the way created by windows OS for the purpose of thumbnailing cached image files, which has a filesize of 23040. If you've 1,000 of that, you just lost 23MB of disk space.

Now, the answer to his question of deleting Thumbs.db file recursively following the same concept with recent postings. This can be simply done using find.


# find ~ftpusername -name "Thumbs.db" -exec rm -rf {} ;


Adding to cron job on every morning or on daily basis would be


01 07 * * * find ~ftpusername -name "Thumbs.db" -exec rm -rf {} ; > /dev/null 2>&1


Goodluck, hope this helps.

Related External Articles:
What Happens After rm -rf / ?

HowTo: Delete All Thumbs.db Recursively

An offline messages just arrive from a fedora newbie trying to polish more of his FTP administration skills.

After quite some time of establishing his fully functional FTP server via VSFTP, he then realized that most of their staff with windows-based desktops usually Selects ALL files, Copy and Paste to FTP site, the normal non-techie way. Unaware that selecting all files from currently working windows folder also selects the Thumbs.db file to be uploaded to that same FTP server.

This Thumbs.db file is by the way created by windows OS for the purpose of thumbnailing cached image files, which has a filesize of 23040. If you've 1,000 of that, you just lost 23MB of disk space.

Now, the answer to his question of deleting Thumbs.db file recursively following the same concept with recent postings. This can be simply done using find.


# find ~ftpusername -name "Thumbs.db" -exec rm -rf {} ;


Adding to cron job on every morning or on daily basis would be


01 07 * * * find ~ftpusername -name "Thumbs.db" -exec rm -rf {} ; > /dev/null 2>&1


Goodluck, hope this helps.

Related External Articles:
What Happens After rm -rf / ?

10 Cool Open Source Easter Eggs

It’s easy to forget with all the source compiling, the conspiracy theories, and the OS flaming going on in every corner of the Internet, that there is a fun side of our beloved OS and Open Source applications. I have compiled a list of 10 easter eggs found in Open Source project..


Complete Story

KDE 4.1 rocks the desktop

KDE 4.1 was finally released to the public today. After all the controversy since the release of KDE 4.0, I'm happy to announce that KDE 4.1 simply rocks...


Complete Story

10 Cool Open Source Easter Eggs

It’s easy to forget with all the source compiling, the conspiracy theories, and the OS flaming going on in every corner of the Internet, that there is a fun side of our beloved OS and Open Source applications. I have compiled a list of 10 easter eggs found in Open Source project..


Complete Story

KDE 4.1 rocks the desktop

KDE 4.1 was finally released to the public today. After all the controversy since the release of KDE 4.0, I'm happy to announce that KDE 4.1 simply rocks...


Complete Story

Roku's Netflix Player: a hands-on review

It's small and silent, sports an array of ports on the back but only one tiny white LED on the front, and it can help you spend hours of time in front of your TV -- and it runs Linux. It's the Netflix Player from embedded device specialist Roku, and we got our hands on it for a review of the service and the hardware.

..


Complete Story

PostPath cracked Exchange protocols for Postfix-based mail server

PostPath is a drop-in Microsoft Exchange alternative based on the open source Postfix MTA. PostPath director of product management Sina Miri calls PostPath the "only" drop-in Exchange replacement, and he says that ability is the reason why his company makes PostPath available only with a proprietary license, despite its open source roots.

..


Complete Story

Yahoo, HP, Intel Give Ivory Towers a Stairway to the Cloud


Yahoo, HP and Intel are collaborating on an ambitious research endeavor called "Cloud Computing Test Bed" -- designed to support cloud computing research and education at universities. Users will be able to develop and test software, data center management, and hardware associated with cloud computing on this large-scale grid. The three companies are partnering with the Infocomm Development Authority of Singapore, the University of Illinois at Urbana-Champaign and the Karlsruhe Institute of Technology in Germany on the project...


Complete Story

Portugal Rings Up Big Order for Intel's Classmate PCs


Intel's low-cost laptop initiative is set to get a boost Wednesday from Portugal's government, which is pledging to provide elementary school students with 500,000 computers based on the chipmaker's Classmate PC design. The announcement brings Intel's rivalry with the One Laptop Per Child organization into the spotlight once again. In May, the nonprofit OLPC group said its green-and-white XO laptop computers would work with Microsoft's Windows in addition to a homegrown Linux-based operating system...


Complete Story

SSD vs. SATA RAID: A Performance Benchmark

Linux.com: "To see just how much an SSD might improve performance, I used Bonnie++ to benchmark a contemporary SSD as it might be used in a laptop computer."

Roku's Netflix Player: a hands-on review

It's small and silent, sports an array of ports on the back but only one tiny white LED on the front, and it can help you spend hours of time in front of your TV -- and it runs Linux. It's the Netflix Player from embedded device specialist Roku, and we got our hands on it for a review of the service and the hardware.

..


Complete Story

PostPath cracked Exchange protocols for Postfix-based mail server

PostPath is a drop-in Microsoft Exchange alternative based on the open source Postfix MTA. PostPath director of product management Sina Miri calls PostPath the "only" drop-in Exchange replacement, and he says that ability is the reason why his company makes PostPath available only with a proprietary license, despite its open source roots.

..


Complete Story

Yahoo, HP, Intel Give Ivory Towers a Stairway to the Cloud


Yahoo, HP and Intel are collaborating on an ambitious research endeavor called "Cloud Computing Test Bed" -- designed to support cloud computing research and education at universities. Users will be able to develop and test software, data center management, and hardware associated with cloud computing on this large-scale grid. The three companies are partnering with the Infocomm Development Authority of Singapore, the University of Illinois at Urbana-Champaign and the Karlsruhe Institute of Technology in Germany on the project...


Complete Story

Portugal Rings Up Big Order for Intel's Classmate PCs


Intel's low-cost laptop initiative is set to get a boost Wednesday from Portugal's government, which is pledging to provide elementary school students with 500,000 computers based on the chipmaker's Classmate PC design. The announcement brings Intel's rivalry with the One Laptop Per Child organization into the spotlight once again. In May, the nonprofit OLPC group said its green-and-white XO laptop computers would work with Microsoft's Windows in addition to a homegrown Linux-based operating system...


Complete Story

Floating Point Math in Bash

Linux Journal: "When you think about it, it's surprising how many programming tasks don't require the use of floating point numbers. If you're an embedded systems programmer, you'd probably get fired for using "double" in a C program. If you write PHP or JavaScript, quick, do they even support floating point? One language that doesn't support it is Bash, but let's not let that stop us..."

SSD vs. SATA RAID: A Performance Benchmark

Linux.com: "To see just how much an SSD might improve performance, I used Bonnie++ to benchmark a contemporary SSD as it might be used in a laptop computer."

How To Mount Remote Folder Location Via SSHFS




File transfers between hosts can be secured by using SSH protocol. Transferring files from current to remote location can easily be done from terminal using the scp linux command. However, it would be more convenient to have those remote folders and files be mounted locally from our own drive and access them locally using a local file browser or using local terminal file commands. Here's how you can mount a remote location into the local's file system.

Introducing SSHFS

This is a FUSE-filesystem client based on the SSH File Transfer Protocol. Since most SSH servers already support this protocol, it is very easy to set up. On the client side, mounting the filesystem is as easy as logging into the server with ssh.

SSH File System Installation

Yum can install fuse sshfs rpm package.

# yum -y fuse-sshfs

Mount Remote Folder via Fuse SSH File System

To mount /home/john from 192.168.100.1 to local folder /mnt/remote using a remote system account john

# sshfs john@192.168.100.1:/home/john /mnt/remote

Enter password details as required.

Say we need to mount a remote sub folder named /home/peter from a remote host with IP address 192.168.100.1 and mount it into our local file system folder /mnt/remote2 by using a remote john account, simply

#sshfs john@192.168.100.1:/home/peter /mnt/remote2

The above would mount the delegated folder. As long as you have read and/or write access to files and subfolders under /home/peter remote location, you would be able to mount it successfully.

The above mounts /home/john folder from 192.168.100.1 locally into /mnt/remote using remote's john account. This should work out right without any SSH restrictions, access list and firewalls from the remote location.

Now, access remote files and folder locally from your current file system

# cd /mnt/remote

# ls -la

Fuse SSH File System Troubleshooting

If any errors persists, simply check for fuse kernel module

# modproble -l fuse

The above should give you a similar line below which tells that fuse kernel module is currently loaded

/lib/modules/2.6.25-14.fc9.i686/kernel/fs/fuse/fuse.ko

Fuse SSH file system approaches the concept of having to update current file system status locally from your system and resync to remote location for any changes, ofcourse, naturally, there would be a split second delay on any local file changes, depending on connection speed.

SSH file system is a great remote file management convenience besides from having to use scp for every remote file transfers.

How To Protect SSH From Multiple and Parallel Coordinated Attacks

Multiple SSH attacks coming from multiple hosts with multiple connection can bog down even a firewalled SSH server. Minimizing these kind of attacks can lessen SSH brute force attempts and decrease SSH hack attempts at the same time. Here's a quick entry on how to tweak SSH configuration to limit the maximum number of unauthenticated SSH connection at a certain period of time.

OpenSSH MaxStartups SSH Directive

By limiting the value of Maxstartups SSH directive, the maximum simultaneous number of unauthenticated connections that the SSH server will handle is also decreased. That is, ssh server will be explicitly restricted to a maximum number of simultaneous unauthenticated SSH connections only. Thus, when triggered, SSH daemon service would then ignore and deny other parallel and coordinated SSH brute force attacks with multiple connections and will be continuously dropping SSH connections until a single authentication succeeds or the LoginGraceTime expires from the recent connection.

MaxStartUps Usage

By default, MaxStartups is set to 10. The smaller the maxstartups value, the smaller the chance of receiving simultaneous and parallel attacks from a single host with multiple connections. Now, to implement this SSH security, backup and modify /etc/ssh/sshd_config SSH configuration file to reflect the sample below SSH directive

MaxStartups 2:50:5

The numbers represent start:rate:full legends.

From the above maxstartup value, SSH server will refuse connection attempts with a probability rate of 50% if there are currently 2 unauthenticated sessions. The probability rate increases linearly if SSH connection attempts reaches the full value of 5.

Basically, MaxStartups 2:50:5 allows 2 users to attempt SSH authentication at the same time and ignores any other SSH connections if current SSH connection attempts reaches the value of 5. SSH further ignorance to unauthenticated SSH connection can be override simply by being authenticated or expiring the current logingracetime value.

Remember that when defining SSH maxstartups value, it is also necessary to consider the total number of shell users a SSH server currently.

All is done.

Monday, July 28, 2008

How To Enable IP Forwarding in Linux

By installation default, Linux distribution such as Redhat, CentOS, White OS, and Fedora comes with IP Forwarding disabled. The reason for this is that default linux installation, whether desktop or server, does not consider a default OS installation of forwarding IP packets and request by default, as the linux OS is not fully aware of how the users are planning to make use of the Linux OS installation or even if the users need to enable /IP for

The need to forward IP packets from one source to another using linux as the default gateway or linux router, IP forwarding should be enabled from this considerations. IP Forwarding can be done in many different ways that aims to only one thing, enable IP forwarding.

IP Forwarding Initial Verification


Now, to check for current status of IP forwarding on IPv4 IP class

# cat /proc/sys/net/ipv4/ip_forward

If IP forwarding is disabled, a value of 0 would be displayed and if IP forwarding was recently enabled, linux should be displaying a numerical value of 1.

Alternatively, on most rpm-based linux distributions, checking IP forward status could also be viewed from /etc/sysctl.conf file after initial reboot.

# cat /etc/sysctl.conf | grep net.ipv4.ip_forward

A direct command using kernel sysctl command from terminal would be

# sysctrl net.ipv4.ip_forward

Once again, net.ipv4.ip_forward network parameter should be displaying a value of 1 if IP forwarding is enabled. If you try to view the file, the file should be displaying the below similar line

net.ipv4.ip_forward = 1


Enabling IP Forward Directly from Terminal

If you wish to enable IP Forward from linux,

# echo 1 > net.ipv4.ip_forward = 1

Alternatively, you can use system kernel command to achieve the same effect

# sysctrl -w net.ipv4.ip_forward=1

However, the above command take effect immediately but would not be a permanent change between reboots unles you include them to linux start up files like /etc/rc.local or with other external script called from linux start up process.

Permanent Change for IP Forwarding

To make the changes permanently between reboots, simply backup and edit /etc/sysctl.conf and make sure that the below lines appears from /etc/sysctl.conf

net.ipv4.ip_forward = 1

Save and exit.

With RedHat, CentOs and Fedora, a restart of network service is needed for IP forwarding to take effect when changing values from /etc/sysctrl.conf

# service network restart

Checking IP Forward Changes

# cat /proc/sys/net/ipv4/ip_forward

With the above changes, you would now be able to forward IP packets and request going to another network destination and interface.

Disable IP Forwarding

Disable IP forwarding from linux, simply change the ip_forward kernel directive from 1 to 0 , that is

net.ipv4.ip_forward = 1

Save and exit.

Restart the network service again.

All is done.

Sunday, July 27, 2008

spell check text file from terminal

This blog entry is here to do spell check of text file(s) remotely via terminal or without using X. This can be done non-interactively and interactively using linux spell and aspell binary.

Here are more details.

Assuming we have an existing file named file.txt .

# cat file.txt
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Hey diddle diddle,
The cat and the fiddle,
The cow jumped over the moon,
The little dog laughed to see such a sight,
And the dish ran away with the spoon.

This word is not in the dictionary linux
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

How to spell check text file in terminal non-interactively?

# spell file.txt

gives out mispelled or unknown dictionary words below
~~~~~~~~
linux
~~~~~~~~






If you wish to spell check interactively, this can be done as follows

# aspell -c file.txt

Launching the above commands open up somewhat read only text editor from your screen. Aspell presents you interactively with suggested spelling words that is currently based on aspell dictionary lookup table.

The menus are presented in a friendly way. Mispelled and unknown dictionary words are being highlighted for further action. These available action for mispelled and unknown words are available from choosing single shortcut keys as shown with the lower portion of the screen.



From the above screenshot, solaris is unknown to english dictionary that is why it was highlighted for further correction and/or spell check action.

Spell checking are based on English language as its default, which can be modified by changing the command line arguments. There are more than 100 language options to choose from and Tagalog is one of them! Aspell website can be visited here. If you wish to check all supported languages, you can simply view them by

# info aspell

If you wish to view or dump current aspell configuration, do as follow (/etc/aspell.conf)

# aspell config

Another binary that comes with aspell rpm package is ispell.

How to check the spelling of a text file interactively using ispell?

# ispell textfile.txt

HTH

spell check text file from terminal

This blog entry is here to do spell check of text file(s) remotely via terminal or without using X. This can be done non-interactively and interactively using linux spell and aspell binary.

Here are more details.

Assuming we have an existing file named file.txt .

# cat file.txt
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Hey diddle diddle,
The cat and the fiddle,
The cow jumped over the moon,
The little dog laughed to see such a sight,
And the dish ran away with the spoon.

This word is not in the dictionary linux
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

How to spell check text file in terminal non-interactively?

# spell file.txt

gives out mispelled or unknown dictionary words below
~~~~~~~~
linux
~~~~~~~~






If you wish to spell check interactively, this can be done as follows

# aspell -c file.txt

Launching the above commands open up somewhat read only text editor from your screen. Aspell presents you interactively with suggested spelling words that is currently based on aspell dictionary lookup table.

The menus are presented in a friendly way. Mispelled and unknown dictionary words are being highlighted for further action. These available action for mispelled and unknown words are available from choosing single shortcut keys as shown with the lower portion of the screen.



From the above screenshot, solaris is unknown to english dictionary that is why it was highlighted for further correction and/or spell check action.

Spell checking are based on English language as its default, which can be modified by changing the command line arguments. There are more than 100 language options to choose from and Tagalog is one of them! Aspell website can be visited here. If you wish to check all supported languages, you can simply view them by

# info aspell

If you wish to view or dump current aspell configuration, do as follow (/etc/aspell.conf)

# aspell config

Another binary that comes with aspell rpm package is ispell.

How to check the spelling of a text file interactively using ispell?

# ispell textfile.txt

HTH

How To Allow and Deny SSH Access To Specific Users

From recent SSH post entry of restricing SSH access to specific IP address and computer hosts, we now move on to restrict SSH port and SSH connection to specific or particular users.

As a requirement, an existing SSH server should be currently installed and running. If not, simpl install openssh server rpm package and start the service after successful installation.

OpenSSH Server Installation

# yum -y install openssh-server

Start OpenSSH Server

# service sshd start

Restrict SSH Access To Particular User Account or System Users

Step One

Backup and modify SSH configuration file /etc/ssh/sshd_config . If you want to allow SSH access logons only to Peter, Jose and John, simply insert the similar linse

AllowUsers peter jose john

Step Two

Restart OpenSSH

# service sshd restart

Verification of OpenSSH Configuration Changes

Try to SSH from separate workstation to current SSH server using a different login name and the names mentioned from sshd_config of AllowUsers line.

Monitoring Restricted SSH Log File


Tail your SSH log file and you will see a refused SSH attempt with the scenario taken above.

# tail -f /var/log/secure

Jul 27 15:39:58 server sshd[24701]: User testuser1 from 192.168.101.1 not allowed because not listed in AllowUsers

At the other end of SSH connection, the user attempting to SSH login, would similarly see the below lines

Permission denied, please try again.

Submission of correct SSH username and password combination would not permit any SSH user until AllowUsers SSH directive is remove from /etc/ssh/sshd_config or the requesting SSH user  is added to AllowUsers line.

OpenSSH access and logons restrictions only to specific list of system users is just another SSH security you add up to harden your SSH configuration.

All is done.

Customer demand adds Linux to industrial computer line

Glacier Computer is offering two Linux distributions as options on its Everest
PCs. The company announced this month it is offering customers a choice of IGEL Linux or Fedora Linux distributions.

..


Complete Story

Is OpenSolaris in hot water?

Here's how it works: Novell owns Unix's IP (intellectual property). SCO sold Unix's IP to Sun. Sun then included some Unix IP into Solaris. Finally, Sun open sourced Solaris as OpenSolaris. Sounds like trouble, doesn't it?

..


Complete Story

Anatomy of the Linux file system

When it comes to file systems,Linux is the Swiss Army knife of operating systems. Linux supports a large number of file systems, from journaling to clustering to cryptographic. Linux is a wonderful platform for using standard and more exotic file systems and also for developing file systems. This article explores the virtual file system (VFS).....


Complete Story

Linux development on the PS 3 More than a toy - part I - III

About this series This series of three articles looks at PS3 Linux as a prospective development environment.This first article, Part 1, introduces the basic configuration knobs and widgets specific to the PS3, shows you how to use them effectively, and suggests the kind of trickery that might get improved performance or a more usable display. [...]..


Complete Story

Quotes from Bill Gates, Steve Jobs and Linus Torvalds

Weekend fun for the OS junkies. A collection of some interesting quotes from the three influential figures in the history of Operating Systems. Some of the quotes are controversial and some of them are just shockingly funny. Personal favorite: Steve Jobs' quote about Bill Gates "He'd be a broader guy if he had dropped acid once or gone off to an ashram when he was younger."..


Complete Story

Under Pressure, ISP Admits Secret Web Snooping in Kansas

Wired: "Internet service provider Embarq eavesdropped on the web surfing habits of 26,000 customers in Kansas without notifying them personally, as part of its test of new, controversial advertising technology that profiles users, the company told federal lawmakers Wednesday."

Open Web Foundation to Play Freedom Cop for Net Specs


The Open Web Foundation introduced itself to the world last week at OSCON, the Open Source Convention, held in Portland, Ore. The consortium of individuals and Internet companies is an effort to build a home for community-driven specifications on the Web. The organization follows open source models already seen in the Apache Software Foundation. Its goal is to provide a lightweight framework that will help communities handle the legal requirements necessary to create successful and widely adopted specifications...


Complete Story

Customer demand adds Linux to industrial computer line

Glacier Computer is offering two Linux distributions as options on its Everest
PCs. The company announced this month it is offering customers a choice of IGEL Linux or Fedora Linux distributions.

..


Complete Story

Is OpenSolaris in hot water?

Here's how it works: Novell owns Unix's IP (intellectual property). SCO sold Unix's IP to Sun. Sun then included some Unix IP into Solaris. Finally, Sun open sourced Solaris as OpenSolaris. Sounds like trouble, doesn't it?

..


Complete Story

Anatomy of the Linux file system

When it comes to file systems,Linux is the Swiss Army knife of operating systems. Linux supports a large number of file systems, from journaling to clustering to cryptographic. Linux is a wonderful platform for using standard and more exotic file systems and also for developing file systems. This article explores the virtual file system (VFS).....


Complete Story

Linux development on the PS 3 More than a toy - part I - III

About this series This series of three articles looks at PS3 Linux as a prospective development environment.This first article, Part 1, introduces the basic configuration knobs and widgets specific to the PS3, shows you how to use them effectively, and suggests the kind of trickery that might get improved performance or a more usable display. [...]..


Complete Story

Quotes from Bill Gates, Steve Jobs and Linus Torvalds

Weekend fun for the OS junkies. A collection of some interesting quotes from the three influential figures in the history of Operating Systems. Some of the quotes are controversial and some of them are just shockingly funny. Personal favorite: Steve Jobs' quote about Bill Gates "He'd be a broader guy if he had dropped acid once or gone off to an ashram when he was younger."..


Complete Story

Installing Applications on Linux

IT Wire: "Firstly, the simplest way is via Add/Remove. This can be found at the top left side of the screen by clicking on the Applications menu (which is a little like the Windows Start menu) and then going to the bottom, and clicking on Add/Remove."

Under Pressure, ISP Admits Secret Web Snooping in Kansas

Wired: "Internet service provider Embarq eavesdropped on the web surfing habits of 26,000 customers in Kansas without notifying them personally, as part of its test of new, controversial advertising technology that profiles users, the company told federal lawmakers Wednesday."

Open Web Foundation to Play Freedom Cop for Net Specs


The Open Web Foundation introduced itself to the world last week at OSCON, the Open Source Convention, held in Portland, Ore. The consortium of individuals and Internet companies is an effort to build a home for community-driven specifications on the Web. The organization follows open source models already seen in the Apache Software Foundation. Its goal is to provide a lightweight framework that will help communities handle the legal requirements necessary to create successful and widely adopted specifications...


Complete Story

Saturday, July 26, 2008

Microsoft Becomes Just a Little More Like Apple

While Microsoft has only just begun fighting the perception problems surrounding Windows Vista, the company is already thinking and planning way beyond its latest operating system. We all know that Windows 7 will build on top of the foundations laid by Vista, and that it will include a fancy multitouch framework (and a mysterious new taskbar). According to Microsoft, Windows 7 is still on track for January 2010, and in a memo to his employees, CEO Steve Ballmer outlined some interesting new approaches the company might try with Windows 7 - including being just a little more like Apple...


Complete Story

Tux3, a Versioning Filesystem

Daniel Phillips has announced the prototype design of a new linux filesystem (implementation has only begun). The most interesting thing seems to be a different way of implementing versioning: "Unlike the currently fashionable recursive copy on write designs with one tree root per version, Tux3 stores all its versioning information in the leaves of btrees using the versioned pointer algorithm. This method promises a significant shrinkage of metadata for heavily versioned filesystems as compared to ZFS and Btrfs"...


Complete Story

Anatomy of Linux loadable kernel modules

Linux® loadable kernel modules, introduced in version 1.2 of the kernel, are one of the most important innovations in the Linux kernel. They provide a kernel that is both scalable and dynamic. Discover the ideas behind loadable modules, and learn how these independent objects dynamically become part of the Linux kernel...


Complete Story

Shuttleworth: Microsoft Does Not Want War

At OSCON, Mark Shuttleworth, founder of Canonical Ltd. said he doubts Microsoft would file a claim against Linux developers...


Complete Story

The Open Call

Atomic: "Inevitably as Linux has gained traction it’s attracted more and more attention. From Dell selling Ubuntu PCs to ASUS choosing Xandros for the EeePC, it’s become almost trendy to add Tux to a product..."

Google Gadgets for Linux -- Almost There

Linux.com: "Since version 2 came out in 2005, Google Desktop for Windows has included a sidebar that users can fill with screen gadgets, but the Linux version (version 1, from June 2007) provided only indexing and search functions, with no eye candy whatsoever. This has finally changed. Google recently released Google Gadgets for Linux (GGL), which closes the gap between the operating systems. With GGL, you can run as many gadgets as you wish on your screen -- or at least that's the idea. Some flaws still need to be fixed, and not everything works 100% correctly."

Cloud Computing: When Computers Really Do Rule


In the nightmare scenario of Luddites everywhere, The Computers have been entrusted with mankind's accumulated knowledge. All is well until that fateful day when the machines band together, creating a mammoth, all-powerful, living network that thinks, grows and takes over the Earth. Think "The Terminator" or "Colossus: The Forbin Project." These days, the geek buzzword for this is "the Cloud" and the catchphrase is "Cloud computing." First, the bad news, at least for the Luddites: The Cloud is already here...


Complete Story

Consoles Sell Like Hotcakes, Yahoo Cuts a Deal, Sysadmin Caves


As much as I love zombie movies, I really don't care to count how many times I've been invited to BECOME a zombie on Facebook. Yeah, you know the one I'm talking about. That's what you get when you open your platform to developers with all sorts of agendas -- you get a handful of good stuff, and you get oceans of crap -- spammy, garbagey applications -- the software equivalent of Cracker Jack prizes. So at Facebook's F8 developer's conference, the company announced what it calls the "Great App" program...


Complete Story

Microsoft Becomes Just a Little More Like Apple

While Microsoft has only just begun fighting the perception problems surrounding Windows Vista, the company is already thinking and planning way beyond its latest operating system. We all know that Windows 7 will build on top of the foundations laid by Vista, and that it will include a fancy multitouch framework (and a mysterious new taskbar). According to Microsoft, Windows 7 is still on track for January 2010, and in a memo to his employees, CEO Steve Ballmer outlined some interesting new approaches the company might try with Windows 7 - including being just a little more like Apple...


Complete Story

Tux3, a Versioning Filesystem

Daniel Phillips has announced the prototype design of a new linux filesystem (implementation has only begun). The most interesting thing seems to be a different way of implementing versioning: "Unlike the currently fashionable recursive copy on write designs with one tree root per version, Tux3 stores all its versioning information in the leaves of btrees using the versioned pointer algorithm. This method promises a significant shrinkage of metadata for heavily versioned filesystems as compared to ZFS and Btrfs"...


Complete Story

Anatomy of Linux loadable kernel modules

Linux® loadable kernel modules, introduced in version 1.2 of the kernel, are one of the most important innovations in the Linux kernel. They provide a kernel that is both scalable and dynamic. Discover the ideas behind loadable modules, and learn how these independent objects dynamically become part of the Linux kernel...


Complete Story

Shuttleworth: Microsoft Does Not Want War

At OSCON, Mark Shuttleworth, founder of Canonical Ltd. said he doubts Microsoft would file a claim against Linux developers...


Complete Story

The Open Call

Atomic: "Inevitably as Linux has gained traction it’s attracted more and more attention. From Dell selling Ubuntu PCs to ASUS choosing Xandros for the EeePC, it’s become almost trendy to add Tux to a product..."

Google Gadgets for Linux -- Almost There

Linux.com: "Since version 2 came out in 2005, Google Desktop for Windows has included a sidebar that users can fill with screen gadgets, but the Linux version (version 1, from June 2007) provided only indexing and search functions, with no eye candy whatsoever. This has finally changed. Google recently released Google Gadgets for Linux (GGL), which closes the gap between the operating systems. With GGL, you can run as many gadgets as you wish on your screen -- or at least that's the idea. Some flaws still need to be fixed, and not everything works 100% correctly."

Cloud Computing: When Computers Really Do Rule


In the nightmare scenario of Luddites everywhere, The Computers have been entrusted with mankind's accumulated knowledge. All is well until that fateful day when the machines band together, creating a mammoth, all-powerful, living network that thinks, grows and takes over the Earth. Think "The Terminator" or "Colossus: The Forbin Project." These days, the geek buzzword for this is "the Cloud" and the catchphrase is "Cloud computing." First, the bad news, at least for the Luddites: The Cloud is already here...


Complete Story

Consoles Sell Like Hotcakes, Yahoo Cuts a Deal, Sysadmin Caves


As much as I love zombie movies, I really don't care to count how many times I've been invited to BECOME a zombie on Facebook. Yeah, you know the one I'm talking about. That's what you get when you open your platform to developers with all sorts of agendas -- you get a handful of good stuff, and you get oceans of crap -- spammy, garbagey applications -- the software equivalent of Cracker Jack prizes. So at Facebook's F8 developer's conference, the company announced what it calls the "Great App" program...


Complete Story

How To Install Adobe Flash Player 10 in Fedora

Adobe had release the latest flash player version 10. If you currently have a lower version, it is adviseable to install the latest release as it fixes some issues with the lower version.

Install Flash Player 10

Step One


Using Fedora, it is important to uninstall the lower Flash Player version. To remove old flash player

# rpm -qa flash*

# rpm -e flash-lower-version.rpm

Step Two

Download Flash Player 10 rpm for linux from here. Alternatively, install it direct using rpm package installer

# rpm -ivh http://download.macromedia.com/pub/labs/flashplayer10/flashplayer10_install_linux_070208.i386.rpm

If you choose to download the latest Flash Player 10, launch rpm package installer to install your downloaded file like so

# rpm -ivh flashplayer10_install_linux_070208.i386.rpm

Step Three

Close and start your browser. Go to flash-enabled websitesand test Flash Player 10 Beta.

It works out right like a charm. All is done.

How To Add and Install Alternative Liberation Fonts

Fedora project endorses liberation fonts. Fedora encourages to install liberation fonts as one of alternative linux fonts that also comes with Fedora installer images. By default X installation, liberation fonts are installed by default.

The Liberation Fonts are intended to be replacements for the three most commonly used fonts on Microsoft systems namely Times New Roman, Arial, and Courier New. If you wish to have these fonts into your system, read on.

To install liberation fonts, simply launch yum to do so

# yum -y install liberation-fonts

All is done.

Friday, July 25, 2008

Digg it: Top 1 Supercomputer is powered by Fedora

Fedora is stable linux distro around which offers the latest, razor-sharp and bleeding edge linux applications and softwares around the OS world. Yes, Fedora is stable and is good alternative on server setup.

Inviting you to quick digg Fedora's super empowering the #1 super computer of the world.

Digg Here


Thanks

How To Send System Message To FTP Clients via TCP Wrapper

From recent posts, granting access (allow and deny) restrictions to particular services is a good additional security practice anybody could use of nowadays. There are some system admins that prefer sending system message or account status when denying access to particular clients or hosts.

Sending service message or service system status to particular hosts or group of hosts can lessen on-site technical phone calls during scheduled system maintenance works while making connecting clients informed and be reminded of your service message.

Send System Message to FTP Clients via TCP Wrapper

Step One

Backup and modify /etc/hosts.allow to reflect the below similar lines. Assuming that VsFTPd daemon service is running as current FTP server.

vsftpd: 83.83.83.83 :  twist /bin/echo "220 %h FTP account has expired, please renew."

vsftpd: 192.168.100.100 :  twist /bin/echo "220 %h has been banned, go away!"

vsftpd: 192.168.100.10 :  twist /bin/echo "220 %h We are on scheduled maintenance, try later. Thanks"

The above instructs TCP wrapper to deny access to

83.83.83.83

192.168.100.100

192.168.100.10

Each has separate log message to be sent to the connecting clients.

Save and exit.

No restart is needed from any daemon services. Portmap and Rpcbind daemon services are not required to be enabled from this setup.

Step Two

Verify changes with your host access restrictions via TCP wrapper. Using a separate linux host

# telnet domain.com 21

# ftp domain.com

Alternatively, from a separate windows host, launch your FTP client software and verify the message by connecting to domain.com as an example.

A similar output would be

Trying domain.com...
Connected to domain.com
Escape character is '^]'.
220 We are on scheduled maintenance, come back later.
Connection closed by foreign host.

This would work out right from RedHat, CentOS, White OS and Fedora boxes.

All is done

Intel Switches From Ubuntu To Fedora For Mobile Linux

An anonymous reader writes

"According to a report on heise, Intel is switching from using Ubuntu to the Fedora Project for the second version of the Intel supported Mobile & Internet Linux Project Moblin, citing a desire to use RPM package management."

Read more.

Intel Switches From Ubuntu To Fedora For Mobile Linux

An anonymous reader writes

"According to a report on heise, Intel is switching from using Ubuntu to the Fedora Project for the second version of the Intel supported Mobile & Internet Linux Project Moblin, citing a desire to use RPM package management."

Read more.

How To Create Separate SSH Log File for Specific SSH Clients

By default, OpenSSH dumps log messages to /var/log/secure authentication log file. The need to log particular host or group of IP address to separate SSH log file is needed at times to further log SSH details for further record and monitoring.

Create Separate SSH Log File for Particular SSH Client Log Attempts

Here's how to log particular SSH client to separate SSH log file.

Step One

Create the separate SSH log file

# touch /var/log/abusive.log

and make sure it is readable and writable by root.

# chmod 600  /var/log/abusive.log

Step Two

Modify /etc/hosts.allow and append a similar line shown below

sshd:  83.83.83.83 : spawn /bin/echo `/bin/date` from %h %u >> /var/log/abusive.log

Alternatively, you can log a group of hosts to separate SSH log file

sshd: *.google.com : spawn /bin/echo `bin/date` from %h %c >> /var/log/abusive.log

To group SSH clients to particular log gile

sshd: *.yahoo.com : spawn /bin/echo `bin/date` from %h %c >> /var/log/yahoo-ssh.log

Save and exit. Noticed that we use the SPAWN tcp wrapper operator to log every hosts under google.com and dump the corresponding date of SSH login attempt to /var/log/abusive.log SSH log file.

Now, to log to separate SSH log file and completely deny particular host under google.com domain, simply

sshd: *.google.com : spawn /bin/echo `bin/date` from %h %c >> /var/log/abusive.log : deny

Save and exit.

No need to restart any services like SSH or XInet .

Supported Parameter Expansions

Below is a list of supported expansions:


  • %a — The client's IP address.

  • %A — The server's IP address.

  • %c — Supplies a variety of client information, such as the username and hostname, or the username and IP address.

  • %d — The daemon process name.

  • %h — The client's hostname (or IP address, if the hostname is unavailable).

  • %H — The server's hostname (or IP address, if the hostname is unavailable).

  • %n — The client's hostname. If unavailable, unknown is printed. If the client's hostname and host address do not match, paranoid is printed.

  • %N — The server's hostname. If unavailable, unknown is printed. If the server's hostname and host address do not match, paranoid is printed.

  • %p — The daemon process ID.

  • %s — Various types of server information, such as the daemon process and the host or IP address of the server.

  • %u — The client's username. If unavailable, unknown is printed.


Monitoring Separate SSH Log File

# tailf /var/log/abusive.log

Log File

Similar SSH log lines from /var/log/abusive.log would be

Fri Jul 25 10:26:52 WAT 2008 from hostname.google.com

The above should work out right with RedHat, CentOS, Fedora, White OS distros.

All is done.

How To Allow and Deny SSH Access To Selected Hosts and IP Addresses

With default OpenSSH installation, SSH allows access to any clients. This retriction can be configured to allow SSH access only to certain hosts and IP addresses to decrease unauthorized SSH login attempts to known and particular computer hosts and IP addresses only.

SSH Access Restrictions via TCP Wrapper

Step One

1. Backup and modify /etc/hosts.allow

# nano -w /etc/hosts.allow

Allow and Deny SSH Access to Specific Hosts / IP Addresses

To allow SSH access to IP address 83.83.83.83 , modify /etc/hosts.allow to reflect the below lines

sshd: 83.83.83.83

Access will be granted if both pairs represent a match. TCP wrappers should allow access if a matching SSH protocol and an IP address 83.83.83.83 is present from the requesting connection.

To allow SSH access to all hosts and/or subdomain(s) that is part of the parent domain yahoo.com

sshd:  .yahoo.com

To grant SSH access to multiple IP address, simply append multiple address as shown

sshd: 83.83.83.83 127.0.0.1 83.83.83.84 192.168.1.1

To allow SSH access to starting IP address

sshd: 192.168.

To allow SSH access with network IP netmask

sshd: 192.168.1.0/255.255.255.0

To use asterisk (*) from /etc/hosts.allow

sshd: *.yahoo.com

To specify a large set of IP addresses and known hosts from a file

sshd:  /etc/allowed.txt

To specify multiple hosts and IP addresses with excemption using except TCP wrapper operator

sshd: .yahoo.com EXCEPT search.yahoo.com

To allow access to everyone under .yahoo domain except 83.83.83.83

sshd: *.yahoo.com EXCEPT 83.83.83.83

To specify multiple SSH access restriction with multiple lines

sshd: 111.111.111.111

sshd: 222.222.222.222

If the above access lists rules appears inside /etc/hosts.allow, TCP wrappers allows the request. If the above lines appears from /etc/hosts.deny, TCP wrappers deny the request.

Step Two

To deny any other ssh access except from the ones listed from /etc/hosts.allow, backup and modify /etc/hosts.deny file

ALL: sshd

Save and exit.

All is done.

Thursday, July 24, 2008

Fedora 10 - Friends, Freedom, Features, and First

Fedora is planning to have a new project motto foundation. Instead of having infinity / freedom and voice as a front motto banner, an alternative plan to move it to friend, freedom, features and first is currently being escalated.

See more here.

Fedora 10 - Friends, Freedom, Features, and First

Fedora is planning to have a new project motto foundation. Instead of having infinity / freedom and voice as a front motto banner, an alternative plan to move it to friend, freedom, features and first is currently being escalated.

See more here.

The Mess That is Linux Volume Management

The GNU/Linux operating system is blessed to have sound partition management tools like GParted which are very easy to use. However, when it comes to the management of 'virtual partitions' known as volumes, things are quite different. There is Linux Volume Management, or LVM for short, however it can only really be used from the command line...


Complete Story

Are We About to Witness a Real OS X virus?

Mac Antivirus developer Intego might have stumbled across an OS X specific virus being offered for auction that targets a previously unknown ZIP archive vulnerability. From Intego's posting, it appears that an enterprising auctioneer seems determined to make sure that his name is one that is not forgotten when it comes to Apple security, claiming that his exploit is a poisoned ZIP archive that will "KO the system and Hard Drive" when unarchived...


Complete Story

Security is No Secret

NSA takes its Flask architecture to the open-source community to offer an inexpensive route to trusted systems. "What it really helps out with is something called zero-day exploits," said Daniel Walsh, a principal software engineer at Red Hat and leader of the company's SELinux team. "If you have a bug in your software that allows a machine to be taken over, SELinux [provides] another layer of controls to make sure that application only does what is was designed to do. SELinux is your last line of defense."..


Complete Story

Enterprise Storage Solution Using Nand Flash and ZFS

Sun CEO Jonathan Schwartz has an interesting blog entry about how Sun Microsystems will start introducing Nand Flash with ZFS as an enterprise storage solution by the end of this year. With the price of Flash memory already plummeting this could be an economical alternative to the expensive NAS solutions...


Complete Story

Shuttleworth Sets Bar For Linux 'Beyond Apple'

Mark Shuttleworth today urged development of Linux models to rival what Apple has done on the desktop and mobile devices. Certainly on the desktop experience, we need to shoot beyond the Mac, but I think it's equally relevant [in] the mobile space, Shuttleworth said, outlining the challenge as figuring out how to deliver a 'crisp and clean' experience, without sacrificing the community process. Key to this will be services-based mechanisms for creating revenue for free software that go beyond advertising, Shuttleworth said, adding that cadence in free software releases spurs innovation, and that a regular release schedule, as well as meaningful ties to Windows, will be essential to fulfilling the vision...


Complete Story

Why We Still Need the iPhone App Black Market

There are no less than five apps to turn my iPhone into a flashlight, yet I can't turn it into a 3G-powered Wi-Fi hotspot. Why? Because the SDK has more restrictions than Guantanamo-devs can't integrate with the OS and have to steer way, way clear of copyright and trademark issues-so the most innovative, game-changing apps might not ever make it to your squeaky clean iPhone." An editorial by Gizmodo. Many kinds of apps (from multi-IM apps running on the background, to copy/paste) require the level of system integration that either is not possible via the existing official API, or that Apple artificially limits via lawyers...


Complete Story

DragonFly BSD 2.0 Released

Matthew Dillon has announced the availability of DragonFly BSD 2.0. Also HAMMER filesystem is released with the new DragonFly. Read the full Release Notes...


Complete Story

Interview with Mandriva's KDE Developer Helio Castro

The How Software is Built blog secured an interview with Helio Chissini de Castro, one of the KDE developers employed by Linux distributor Mandriva. Helio talks about Mandriva, about KDE 4, and about the state of open source software in Brazil, where he is based...


Complete Story

Mandriva and PTech Announce Low-cost Desktop

Mandriva and Precedent Technologies (PTech) are pleased to announce a new partnership, working together on the release in September in the United States of a new low-cost desktop - the TechSurfer - with Intel Atom CPUs and Mandriva Linux preinstalled. TechSurfer is a web-centric computing platform that is designed for customers who mostly surf the web; download music; and utilize VOIP services, such as Skype. The TechSurfer platform is also suitable for light desktop applications. TechSurfer is powered by the Intel Atom processor. The Atom processor was designed especially for web-centric computers. TechSurfer prices starts at $399.99 with Mandriva Linux pre-installed: Microsoft Windows will cost an extra $100. The system will come with a three-year manufacturer's warranty. Find out more in the press release.
Editor's note: Looks like Mandriva is taking full-advantage of the Low-cost hardware arena. First the Intel's ClassmatePC then the GDium and now PTech...


Complete Story

The Coco Bidet and Toilet Technology

"The Japanese love those things!" That's what I've heard a lot of people say when I've talked to them about my latest obsession, the Coco 6035Re Bidet toilet seat. As part of OSNews' ongoing project, "Building The Wired Home," I wanted to try to see what the march of technological progress has brought to the bathroom, so we installed a bidet seat in OSNews' House of the Future. It turns out, I'm pretty impressed...


Complete Story

The Mess That is Linux Volume Management

The GNU/Linux operating system is blessed to have sound partition management tools like GParted which are very easy to use. However, when it comes to the management of 'virtual partitions' known as volumes, things are quite different. There is Linux Volume Management, or LVM for short, however it can only really be used from the command line...


Complete Story

Are We About to Witness a Real OS X virus?

Mac Antivirus developer Intego might have stumbled across an OS X specific virus being offered for auction that targets a previously unknown ZIP archive vulnerability. From Intego's posting, it appears that an enterprising auctioneer seems determined to make sure that his name is one that is not forgotten when it comes to Apple security, claiming that his exploit is a poisoned ZIP archive that will "KO the system and Hard Drive" when unarchived...


Complete Story

Security is No Secret

NSA takes its Flask architecture to the open-source community to offer an inexpensive route to trusted systems. "What it really helps out with is something called zero-day exploits," said Daniel Walsh, a principal software engineer at Red Hat and leader of the company's SELinux team. "If you have a bug in your software that allows a machine to be taken over, SELinux [provides] another layer of controls to make sure that application only does what is was designed to do. SELinux is your last line of defense."..


Complete Story

Enterprise Storage Solution Using Nand Flash and ZFS

Sun CEO Jonathan Schwartz has an interesting blog entry about how Sun Microsystems will start introducing Nand Flash with ZFS as an enterprise storage solution by the end of this year. With the price of Flash memory already plummeting this could be an economical alternative to the expensive NAS solutions...


Complete Story

Shuttleworth Sets Bar For Linux 'Beyond Apple'

Mark Shuttleworth today urged development of Linux models to rival what Apple has done on the desktop and mobile devices. Certainly on the desktop experience, we need to shoot beyond the Mac, but I think it's equally relevant [in] the mobile space, Shuttleworth said, outlining the challenge as figuring out how to deliver a 'crisp and clean' experience, without sacrificing the community process. Key to this will be services-based mechanisms for creating revenue for free software that go beyond advertising, Shuttleworth said, adding that cadence in free software releases spurs innovation, and that a regular release schedule, as well as meaningful ties to Windows, will be essential to fulfilling the vision...


Complete Story

Why We Still Need the iPhone App Black Market

There are no less than five apps to turn my iPhone into a flashlight, yet I can't turn it into a 3G-powered Wi-Fi hotspot. Why? Because the SDK has more restrictions than Guantanamo-devs can't integrate with the OS and have to steer way, way clear of copyright and trademark issues-so the most innovative, game-changing apps might not ever make it to your squeaky clean iPhone." An editorial by Gizmodo. Many kinds of apps (from multi-IM apps running on the background, to copy/paste) require the level of system integration that either is not possible via the existing official API, or that Apple artificially limits via lawyers...


Complete Story

DragonFly BSD 2.0 Released

Matthew Dillon has announced the availability of DragonFly BSD 2.0. Also HAMMER filesystem is released with the new DragonFly. Read the full Release Notes...


Complete Story

Interview with Mandriva's KDE Developer Helio Castro

The How Software is Built blog secured an interview with Helio Chissini de Castro, one of the KDE developers employed by Linux distributor Mandriva. Helio talks about Mandriva, about KDE 4, and about the state of open source software in Brazil, where he is based...


Complete Story

Mandriva and PTech Announce Low-cost Desktop

Mandriva and Precedent Technologies (PTech) are pleased to announce a new partnership, working together on the release in September in the United States of a new low-cost desktop - the TechSurfer - with Intel Atom CPUs and Mandriva Linux preinstalled. TechSurfer is a web-centric computing platform that is designed for customers who mostly surf the web; download music; and utilize VOIP services, such as Skype. The TechSurfer platform is also suitable for light desktop applications. TechSurfer is powered by the Intel Atom processor. The Atom processor was designed especially for web-centric computers. TechSurfer prices starts at $399.99 with Mandriva Linux pre-installed: Microsoft Windows will cost an extra $100. The system will come with a three-year manufacturer's warranty. Find out more in the press release.
Editor's note: Looks like Mandriva is taking full-advantage of the Low-cost hardware arena. First the Intel's ClassmatePC then the GDium and now PTech...


Complete Story

The Coco Bidet and Toilet Technology

"The Japanese love those things!" That's what I've heard a lot of people say when I've talked to them about my latest obsession, the Coco 6035Re Bidet toilet seat. As part of OSNews' ongoing project, "Building The Wired Home," I wanted to try to see what the march of technological progress has brought to the bathroom, so we installed a bidet seat in OSNews' House of the Future. It turns out, I'm pretty impressed...


Complete Story

Automatix Comes to Fedora 9 - FedoMATIX

Remember Automatix? Yes the nifty little application that made installing additional softwares on the Ubuntu system a breeze. Here comes the same for Fedora 9, FedoMATIX (v0.1Beta). It currently works on the command line only, but supports more than 60 additional softwares/apps already. The next version, which is due release in 2 months, will feature a GUI and many more softwares and hacks.

Read more.

Automatix Comes to Fedora 9 - FedoMATIX

Remember Automatix? Yes the nifty little application that made installing additional softwares on the Ubuntu system a breeze. Here comes the same for Fedora 9, FedoMATIX (v0.1Beta). It currently works on the command line only, but supports more than 60 additional softwares/apps already. The next version, which is due release in 2 months, will feature a GUI and many more softwares and hacks.

Read more.

#1 Supercomputer in the World Runs Fedora

Who says the Fedora is unstable and unreliable? The latest razor-sharp and bleeding-edge Fedora Linux OS powers the #1 supercomputer in the world!

The #1 supercomputer in the world, the IBM Roadrunner, produced at a cost of nearly $100 million dollars, runs Fedora. IBM has been working on and contributing to Fedora, using it as a prototype for the new cell architecture that leads to this supercomputer.

Read more.

#1 Supercomputer in the World Runs Fedora

Who says the Fedora is unstable and unreliable? The latest razor-sharp and bleeding-edge Fedora Linux OS powers the #1 supercomputer in the world!

The #1 supercomputer in the world, the IBM Roadrunner, produced at a cost of nearly $100 million dollars, runs Fedora. IBM has been working on and contributing to Fedora, using it as a prototype for the new cell architecture that leads to this supercomputer.

Read more.

How To Install An Extremely Fast, Lightweight, But Feature-riched Multi-Tab File Manager

Powerful linux file managers have been around for quite long time. They have revolutionized how file management can easily be done inside Linux X. This has been possible with the continuous stable development of Linux X features and stability. Current file managers have offered a lot of feature-rich and powerful file manager intuitive interface and functions. File managers distributed together KDE, GNOME and XFCE have done a well done work indeed.

Now, here's the newest released of extremely fast and feature-rich but lightweight linux file manager.

PCMan File Manager

PCMan File Manager is an extremely fast and lightweight file manager which features multi tabbed browsing and user-friendly interface at the same time. PCMan is a powerful file manager but slim in memory resource usage and feature a multi-tab functionality that suits your heavy file operation needs while enjoying your low powered PC linux desktops. PCMan's file management interface behaves with a unique combination based from multi world of file manager like nautilus, windows explorer while offering the functionality feature similar to firefox multitab browser.

PCMan File Manager Installation in Fedora

# yum -y install pcmanfm



PCMan's Highlighted Features


  • Extremely fast and lightweight

  • Can be started in one second on normal machine

  • Tabbed browsing (Similiar to Firefox)

  • Built-in volume management (mount/umount/eject through HAL)

  • Built-in file searching utility (GUI frontend for the UNIX find + grep command)

  • Drag & Drop support

  • Files can be dragged among tabs

  • Load large directories in reasonable time

  • File association support (Default application)

  • Thumbnail for image files

  • Bookmarks support

  • Handles non-UTF-8 encoded filenames correctly

  • Provides icon view, compact view, and detailed list view

  • Standard compliant (Follows FreeDesktop.org)

  • Clean and user-friendly interface (GTK+ 2)


More PCMan File Manager info can be viewed here.

How To Bypass DNS Log Monitoring By Your ISP

Resolving domains into human-readable IP addresses requires DNS IP addresses from your ISP. The DNS nature of resolving domain names into its equivalent IP addresses provides a lot of things to you and your ISP provider.

DNS Nature

One major thing that this DNS nature setup provides you is browsing convenience. Since DNS resolves domains into IP addresses, a user does not need to memorize all the converted IP addresses of all websites, as domain names are easy to remember.

But do you know that putting your ISP's DNS IP addresses into your network setting also allows your ISP to log all websites that you are browsing? DNS server setup by ISPs can generate logs of DNS resolutions.

This basically means, when you browse google.com website, DNS servers from ISPs resolves google.com into its equivalent IP addresses and at the same time, this process verbosely logs this DNS resolution process into server's DNS log file. Thus, system admins and DNS engineers could actually monitor and check those resolved websites by their DNS servers and they can easily tell if you are able to browse www.google.com or not.

Below are examples of websites being resolved by a DNS server.

Jul 24 16:55:24 ilovetux named[1282]: client 83.83.83.83 #60586: query: www.google.com IN A +
Jul 24 16:55:24 ilovetux named[1282]: client 83.83.83.83 #60587: query: www.bbc.com IN A +
Jul 24 16:55:24 ilovetux named[1282]: client 83.83.83.83 #60589: query: www.ilovetux.com IN A +

What if you do not want your ISP to log all websites that you are browsing?

One way to avoid this is to use alternative DNS IP addresses not managed by your current ISP setup.

Setup An Alternative DNS IP Addresses

Step One

One pair of publicly available DNS server is 198.6.1.1 and 198.6.1.2. Simply edit your network settings and change your DNS to reflect the new DNS IP addresses. In Fedora, Redhat, Centos, White OS; edit your /etc/resolv.conf

# nano -w /etc/resolv.conf

Restart DNS service

# service named restart

The above works without having an authoritative and caching DNS setup from your current linux box.

Step Two

Test your new DNS IP address from command line terminal

# nslookup yahoo.com

If the above resolves yahoo.com into its equivalent IP addresses without any errors, you should be able to start browsing the net.

Note that this scenario would work if your ISP does not block and reject any DNS query request from local clients going to any other DNS servers aside from their own DNS servers.

All is done.

Veteran developer ditches Microsoft for open source

If you've ever used Microsoft Access or Excel, you have likely used a product that Mike Gunderloy had a hand in developing. The irony is that Gunderloy himself doesn't use those products anymore. He's given up Microsoft for open source -- and he's not going back.

..


Complete Story

Why not learn a little language while you work, Amigo?

Books, CDs, flashcards, classes -- there are a lot of tools to help you learn a foreign language. If you spend much of your time near a computer, software may be one of the better options. Ian McIntosh's Amigo is a friendly language utility for the Linux user, notable for how well it integrates into the desktop...


Complete Story

Kernel space: Full disclosure for security holes

Even the most casual observer of the linux-kernel mailing must have noticed that, in the shadow of the firmware flame war, there is also a heated discussion over the management of security issues. There have also been some attempts to turn this local battle into a multi-list, regional conflict. Finding the right way to deal with security problems i..


Complete Story

Veteran developer ditches Microsoft for open source

If you've ever used Microsoft Access or Excel, you have likely used a product that Mike Gunderloy had a hand in developing. The irony is that Gunderloy himself doesn't use those products anymore. He's given up Microsoft for open source -- and he's not going back.

..


Complete Story

Using Adobe Flash and other 32-bit applications on 64-bit Linux

64-bit computing is as prevalent today as multicore computing. Almost any new processor from Intel or AMD has the AMD long mode extensions, allowing the processor to use 64-bit registers. While 32-bit processors can address 4 gigabytes of RAM, a 64-bit processor can address 16 exabytes, or almost 17.2 billion gigabytes, of RAM. Most 64-bit-capable computers aren't making use of these capabilities, but instead are put to work running 32-bit operating systems, usually because of a lack of applications for 64-bit operating systems, since applications must be recompiled and in some cases rewritten for 64-bit operation. It is possible, however, to run 32-bit Linux binaries natively under 64-bit Linux kernels.

..


Complete Story

Why not learn a little language while you work, Amigo?

Books, CDs, flashcards, classes -- there are a lot of tools to help you learn a foreign language. If you spend much of your time near a computer, software may be one of the better options. Ian McIntosh's Amigo is a friendly language utility for the Linux user, notable for how well it integrates into the desktop...


Complete Story

Kernel space: Full disclosure for security holes

Even the most casual observer of the linux-kernel mailing must have noticed that, in the shadow of the firmware flame war, there is also a heated discussion over the management of security issues. There have also been some attempts to turn this local battle into a multi-list, regional conflict. Finding the right way to deal with security problems i..


Complete Story

How To Stop and Block Script Kiddies Attacking Your SSH Port

Hundreds of windows scripts and softwares can be used to launch a brute force SSH attack to your SSH ports. These brute force attacks can easily send a combination of username and password pairs into your SSH port on automatic mode or on scheduled time period.

Most alarming feature of these kind of scripts and program malwares is that brute force details like username and password, can automatically be fed and supplied from millions of possible usernames and passwords pairs using a large base of dictionary file. The dictionary is widely available from internet and is compiled to have the most commonly used username and password combinations consisting of standard english names, numbers and special character combinations to provide a higher ratio of successful brute force SSH attack.

There are a lot of ways to handle SSH brute force attacks. One approach is by using Blockhosts rpm package.

Blockhosts scans log files for matching signatures. Blockhosts keeps track of records of how many times an attacking host failed to login via SSH and other ports before dropping the attacker to deny host file or blackhole file list. In other words, blockhost offers an automatic blocking of abusive IPs against specific daemon service like SSH ports, FTP ports and the like.

BlockHosts Installation

Blockhosts is not currently supported by Fedora repos. Download blockhosts rpm here and install it using rpm package installer.

# rpm -ivh BlockHosts-2.4.0-1.noarch.rpm

BlockHosts Setup and Configuration

Backup and modify /etc/blockhosts.cfg

Blockhosts would work by default configuratoin. Blockhosts installed its configuration file to

/etc/blockhosts.cfg

However, the most important line from /etc/blockhosts.cfg is the threshold value.

Blockhosts Threshold

This is the trigger point by blockhosts where the process of blocking abusive host would then be triggered.

COUNT_THRESHOLD = 7

Remember to remove comment characters # when modifying blockhosts configuration value.

Blockhosts Deny File

This could be either /etc/hosts.allow or /etc/hosts.deny files and can be configured with the similar setup line.

HOSTS_BLOCKFILE = "/etc/hosts.deny"

Blockhosts Deny Line

When blockhosts blocks an abusive IP, it drops the current IP to blockhosts deny file followed by SSH recognized line like

HOST_BLOCKLINE = ["ALL: ", " : deny"]

Accept as default.

Blockhosts Age Threshold

The main blockhosts program feature is to lessen the paranoid level of blocking hosts permanently. An optional threshold value measured in number of hours can be specified. This value can unblock and release the abusive IP addresses from the blackhole list or deny file.

AGE_THRESHOLD = 12

The above line leaves an abusive host or IP to blocked list for 12 hours quarantine time.
Blockhosts Whitelist and Blacklist Labels

Identity excemptions using black and white list is also featured by blockhosts. A black and white list enlistment for multiple hosts can be done by using the below configuration lines.

WHITELIST = [ "127.0.0.1", "10\.0\.0\..*", ]
BLACKLIST = [ "192.168.10.1", "10\..*", ]

BlockHosts Monitored Log Files

Specify here the log files that blockhosts needs to monitor from

LOGFILES = [ "/var/log/secure", "/var/log/vsftpd.log", ]

Log file(s) can be separated by comma.

Blockhosts Alerts and Email Notification

You can edit the blockhosts mail feature for alerts and email notifications.

MAIL = True
NOTIFY_ADDRESS = 'root@localhost.localdomain'

Lastly, edit your blockhosts deny file. You can refer to block host deny file.

# nano -w /etc/hosts.deny

Alternatively, if you specify the same deny host file of /etc/hosts.allow

# nano -w /etc/hosts.allow

Append the below lines into your blockhosts deny file.

#---- BlockHosts Additions

#---- BlockHosts Additions

Save and exit.

Blockhosts package supports blocking hosts based from failed attempts on ports by daemon services like OpenSSH, ProFTPd, VsFTPd, Pure-FTPd and more. For more installation help, you can view Blockhosts help file.

# nano -w /usr/share/doc/BlockHosts-2.4.0/INSTALL

Execute Blockhosts Binary


# blockhosts.py --verbose

The above line scans your blockhost log files for possible brute force attack and failed authentication logins. If found, abusive hosts and IP addresses would be enlisted to blockhosts deny file.

Blockhosts Crontab Scheduling

By regularly checking your system logs for possible abusive hosts, you can schedule a regular blockhosts check

Say, every 10 minutes check interval

*/10 * * * * /usr/bin/blockhosts.py  > /dev/null 2>&1

The above line executes blockhosts phyton binary to check and monitor its log files for possible abusive script kiddies and port attacks. More info here.

All is done.

Sign up for PayPal and start accepting credit card payments instantly.
ILoveTux - howtos and news | About | Contact | TOS | Policy