Sunday, December 26, 2010

Free Wound Care Forms

Three more Twitter clients for Ubuntu Ubuntu Security

Since I published the article Four Twitter clients for Ubuntu have not spent much time, though they have appeared interesting alternative to programs where they discussed. Let's do a review of some of these developments saying the main advantages of each.

  • Hotot
This lightweight flexible Twitter client looks really good and a very low resource consumption.

To install run: sudo
add-apt-repository ppa: hotot-team & & sudo apt-get update & & sudo apt-get install hotot

A Once installed you can launch from the console by typing hotot & or from the menu Applications - Internet - Hotot Twitter Client

Hotot

Its main advantages:
- Consumption of RAM: 33MB
- Supports extensions
- Preview images without loading them into the browser
- is integrated into the reporting system for Gnome and KDE
- Based on Python

  • Turpial
Its characteristics are very Hotot similar to, and noted for being simple, light and refined appearance.

To install it: sudo
add-apt-repository ppa: effie-jayx/turpial & & sudo apt-get update & & sudo apt-get install turpial

Once installed it will available from the menu Applications - Internet - Oriole

Turpial

Its main advantages:
- Consumption RAM: 22.4 mb
- Based on Python
- Ability to "silence" temporarily
users
- Good balance between simplicity and configurability

  • TweetDeck
This is probably the most compelted client I tried, but has a terrible disadvantage others: the system is based on Adobe Air, which means it is a great consumer of resources.

need to install the Air environment, you can download the package. Deb http://get.adobe.com/es/air/ directly and install it with the package manager. Once installed go to the website TweetDeck and click on the download button.

Once we installed the program available from the menu Applications - Accessories - TweetDeck


TweetDeck

Its main advantages:
- Multiplatform (Linux, Windows, Mac)
- Supports Twitter, Facebook, Buzz, Myspace and other popular social networks
- preview videos and pictures
- Publish tweets
scheduled
- Synchronization and backup account
- Twitscoop and Trending Topics, lists, filters ...

Among the disadvantages:
- Consumption of RAM: 93MB
- Adobe Air does not get along very well with 64-bit systems

  • More

Twitter Hotot
Posted by admin at 3:00 PM 0 comments

Free Wound Care Forms

Three more Twitter clients for Ubuntu Ubuntu Security

Since I published the article Four Twitter clients for Ubuntu have not spent much time, though they have appeared interesting alternative to programs where they discussed. Let's do a review of some of these developments saying the main advantages of each.

  • Hotot
This lightweight flexible Twitter client looks really good and a very low resource consumption.

To install run: sudo
add-apt-repository ppa: hotot-team & & sudo apt-get update & & sudo apt-get install hotot

A Once installed you can launch from the console by typing hotot & or from the menu Applications - Internet - Hotot Twitter Client

Hotot

Its main advantages:
- Consumption of RAM: 33MB
- Supports extensions
- Preview images without loading them into the browser
- is integrated into the reporting system for Gnome and KDE
- Based on Python

  • Turpial
Its characteristics are very Hotot similar to, and noted for being simple, light and refined appearance.

To install it: sudo
add-apt-repository ppa: effie-jayx/turpial & & sudo apt-get update & & sudo apt-get install turpial

Once installed it will available from the menu Applications - Internet - Oriole

Turpial

Its main advantages:
- Consumption RAM: 22.4 mb
- Based on Python
- Ability to "silence" temporarily
users
- Good balance between simplicity and configurability

  • TweetDeck
This is probably the most compelted client I tried, but has a terrible disadvantage others: the system is based on Adobe Air, which means it is a great consumer of resources.

need to install the Air environment, you can download the package. Deb http://get.adobe.com/es/air/ directly and install it with the package manager. Once installed go to the website TweetDeck and click on the download button.

Once we installed the program available from the menu Applications - Accessories - TweetDeck


TweetDeck

Its main advantages:
- Multiplatform (Linux, Windows, Mac)
- Supports Twitter, Facebook, Buzz, Myspace and other popular social networks
- preview videos and pictures
- Publish tweets
scheduled
- Synchronization and backup account
- Twitscoop and Trending Topics, lists, filters ...

Among the disadvantages:
- Consumption of RAM: 93MB
- Adobe Air does not get along very well with 64-bit systems

  • More

Twitter Hotot
Posted by admin at 3:00 PM 0 comments

Sunday, December 19, 2010

Certificate Appreciation Wording

(VI) - system analysis tools

An important aspect in safety and that many people ignore are more or less regular analysis of the system. These tests help us detect possible intrusions, assess and predict system security which are the main risks.

There are numerous tools for these tasks, some of them very simple, some complex. In this article I will introduce some that I found most useful and easy to use.

  • What ports / services I have open? Nmap
Most remote intrusions occur through gaps in services we give to the outside. These services open ports through which it is theoretically possible to access the system.

nmap command we will (inter alia) to list these services:
sudo apt-get install nmap nmap
localhost

This will install nmap and list ports / services offered by our system, in my case for example this is the result: Starting Nmap
5.21 (http://nmap.org) at 12/09/2010 14:14 CET
Nmap scan report for localhost (127.0.0.1)
Host is up (0.00060s latency).
Hostname localhost resolves to 2 IPs. Only scanned 127.0.0.1
RDNS record for 127.0.0.1: localhost.localdomain
Not Shown: 997 closed ports
PORT STATE SERVICE 21/tcp open
ftp
139 / tcp open netbios-ssn 445/tcp
open microsoft-ds 631/tcp open
ipp

These results correspond to sharing files using Samba (ports 139 and 445), the network printer service (port 631) and ftp file server that I installed (port 21).

If you see ports or services that you need not listed you can disable the corresponding package uninstalling or modifying the startup scripts by following this article Optimize The Boot (II) Bum

Note: If you do not know exactly what a port / service can consult the web http://www.speedguide.net/ports.php

Another important point to be scanned, is the router (mainly for those connections you have ADSL), this scan will show what ports / services are directly accessible from the outside. Nmap 192.168.1.1

Just have to give nmap the IP address of your router. In my case this was the result: Starting Nmap
5.21 (http://nmap.org) at 12/09/2010 16:30 CET
Nmap scan report for 192.168.1.1 Host is
up (0.0035s latency).
Not Shown: 997 closed ports
PORT STATE SERVICE 21/tcp
open ftp 23/tcp open telnet
80/tcp open http

These results correspond to the methods of access to the configuration of the router (telnet and web port 23 port 80) and ftp port forwarding (port 21) to my local file server.

If you see ports or services that you need not listed you can disable or restrict access from the outside by setting the correct options for your router.

Note: you can see what ports / services are visible from outside the scanner found http://www.speedguide.net/portscan.php

  • Do I have cast a trojan? Rkhunter
A Trojan is a type of malicious software that is generally intended to theft of private information from the infected system. They differ from viruses in that they generally do not cause visible damage.

GNU / Linux is not invulnerable to this type of software and infection is relatively easy, to know if we have been "infected" by some kind of Trojan have rkhunter tool, installation is simple
sudo apt-get install rkhunter

Once installed, run it with Order:
sudo rkhunter-c

This command will run a series of tests looking for Trojans and will ultimately result in a report like this: System checks
summary === ==================

File properties checks ...
Files checked: 131 Suspect files
: 0

Rootkit checks ...
Rootkits checked: 242 Possible rootkits
: 0

Applications
checks ... All checks skipped

Took The system checks: 1 minute and 46 seconds

All results
Have Been Written to the log file (/ var / log / rkhunter.log)

One or more warnings Have Been Found while checking the system.
Please check the log file (/ var / log / rkhunter.log)

If there is a Trojan program itself will give us instructions on how to remove and links to more information about the problem.


  • What users enter the system? Lastlog
All access to the system are logged and can consult the register to see if someone is accessing your computer remotely as well as locally.

To view the log entries execute the command lastlog :
lastlog committed user and run rkhunter
to ensure that we have made any gifts in disguise.
More

List of ports: http://www.speedguide.net/ports.php

Port Scanners on-line: http://www
. speedguide.net / portscan.php
    Help
  • ADSL routers: http://www.adslayuda.com/
Trojans:
http://es.wikipedia.org/wiki/Troyano_ (inform% C3% A1tica)
Related Articles
Security
Ubuntu (I) - Introduction
Ubuntu Security (II) - User and Password Security
  • Ubuntu (III) - Software Insurance
    • Ubuntu Security
(IV ) - The firewall
Security In Ubuntu (V) - The Antivirus
Posted by admin at 3:00 PM 0 comments

Certificate Appreciation Wording

(VI) - system analysis tools

An important aspect in safety and that many people ignore are more or less regular analysis of the system. These tests help us detect possible intrusions, assess and predict system security which are the main risks.

There are numerous tools for these tasks, some of them very simple, some complex. In this article I will introduce some that I found most useful and easy to use.

  • What ports / services I have open? Nmap
Most remote intrusions occur through gaps in services we give to the outside. These services open ports through which it is theoretically possible to access the system.

nmap command we will (inter alia) to list these services:
sudo apt-get install nmap nmap
localhost

This will install nmap and list ports / services offered by our system, in my case for example this is the result: Starting Nmap
5.21 (http://nmap.org) at 12/09/2010 14:14 CET
Nmap scan report for localhost (127.0.0.1)
Host is up (0.00060s latency).
Hostname localhost resolves to 2 IPs. Only scanned 127.0.0.1
RDNS record for 127.0.0.1: localhost.localdomain
Not Shown: 997 closed ports
PORT STATE SERVICE 21/tcp open
ftp
139 / tcp open netbios-ssn 445/tcp
open microsoft-ds 631/tcp open
ipp

These results correspond to sharing files using Samba (ports 139 and 445), the network printer service (port 631) and ftp file server that I installed (port 21).

If you see ports or services that you need not listed you can disable the corresponding package uninstalling or modifying the startup scripts by following this article Optimize The Boot (II) Bum

Note: If you do not know exactly what a port / service can consult the web http://www.speedguide.net/ports.php

Another important point to be scanned, is the router (mainly for those connections you have ADSL), this scan will show what ports / services are directly accessible from the outside. Nmap 192.168.1.1

Just have to give nmap the IP address of your router. In my case this was the result: Starting Nmap
5.21 (http://nmap.org) at 12/09/2010 16:30 CET
Nmap scan report for 192.168.1.1 Host is
up (0.0035s latency).
Not Shown: 997 closed ports
PORT STATE SERVICE 21/tcp
open ftp 23/tcp open telnet
80/tcp open http

These results correspond to the methods of access to the configuration of the router (telnet and web port 23 port 80) and ftp port forwarding (port 21) to my local file server.

If you see ports or services that you need not listed you can disable or restrict access from the outside by setting the correct options for your router.

Note: you can see what ports / services are visible from outside the scanner found http://www.speedguide.net/portscan.php

  • Do I have cast a trojan? Rkhunter
A Trojan is a type of malicious software that is generally intended to theft of private information from the infected system. They differ from viruses in that they generally do not cause visible damage.

GNU / Linux is not invulnerable to this type of software and infection is relatively easy, to know if we have been "infected" by some kind of Trojan have rkhunter tool, installation is simple
sudo apt-get install rkhunter

Once installed, run it with Order:
sudo rkhunter-c

This command will run a series of tests looking for Trojans and will ultimately result in a report like this: System checks
summary === ==================

File properties checks ...
Files checked: 131 Suspect files
: 0

Rootkit checks ...
Rootkits checked: 242 Possible rootkits
: 0

Applications
checks ... All checks skipped

Took The system checks: 1 minute and 46 seconds

All results
Have Been Written to the log file (/ var / log / rkhunter.log)

One or more warnings Have Been Found while checking the system.
Please check the log file (/ var / log / rkhunter.log)

If there is a Trojan program itself will give us instructions on how to remove and links to more information about the problem.


  • What users enter the system? Lastlog
All access to the system are logged and can consult the register to see if someone is accessing your computer remotely as well as locally.

To view the log entries execute the command lastlog :
lastlog committed user and run rkhunter
to ensure that we have made any gifts in disguise.
More

List of ports: http://www.speedguide.net/ports.php

Port Scanners on-line: http://www
. speedguide.net / portscan.php
    Help
  • ADSL routers: http://www.adslayuda.com/
Trojans:
http://es.wikipedia.org/wiki/Troyano_ (inform% C3% A1tica)
Related Articles
Security
Ubuntu (I) - Introduction
Ubuntu Security (II) - User and Password Security
  • Ubuntu (III) - Software Insurance
    • Ubuntu Security
(IV ) - The firewall
Security In Ubuntu (V) - The Antivirus
Posted by admin at 3:00 PM 0 comments

Sunday, October 10, 2010

Projector Repair In Fredericton

Restoring programs and settings after a reinstalling Ubuntu Security

10.10) we face the eternal dilemma "upgrade or do a clean install? Here are the advantages of each method.


Update: The main advantage is that the system is exactly as we had before the upgrade, with the same settings and the same programs installed, but with all the latest news and updates to the new Ubuntu.
Clean Install: let the system clean, ensuring that everything works perfectly and no errors crept above configuration.
In most cases, ideally a mix: a clean system but maintaining the user settings and programs previously installed manually. In this this article we will see how to get it, a system installed from scratch while maintaining programs and persoanlizaciones we had in the previous system.

Keep user settings

All user settings, without exception, are in the directory
/ home
, all you have to do is keep this folder unchanged.

    two different situations may occur which
  • directory / home is on the same partition as the rest of the system (so that its contents are erased with the new installation) or is on a separate partition.
/ home on a separate partition, this case gives us a lot of things, all we do is select manual partitioning during the installation process and ensure that the partition
/ home
refitted in
/ home
and is NOT checked the box format.

/ home
in the root partition: in this case we make a backup of the entire directory
/ home as this will be deleted during the installation. 1. Create a backup BEFORE the upgrade: cd / & & sudo tar cvfz backup_home.tar.bz2 / home
Save the file
backup_home.tar.bz2
in a place that we know will not delete, such as a USB drive
2. Install the new system, installed the new Ubuntu normally
3. Restore the backup after the upgrade:
cd / & & sudo tar xvfz backup_home.tar.bz2


Note: For this method to work well as new users should call The system old.

Restore installed programs
Another issue that may take a while after an installation is to reinstall all the programs we had with See by, however this can be solved with such only two commands:

1. Get the list of installed programs: Before the upgrade, the old system will get the list of programs installed with the command: sudo
  • dpkg - get-selections Save the file lista_de_paquetes.txt on a site that we know will not delete, such as a USB drive
2. Install the new system, installed the new Ubuntu normally

3. Reinstall all programs: After installation we will not have the software installed manually to retrieve the file will use
lista_de_paquetes.txt
as follows: cat
lista_de_paquetes.txt installed manually or using any other method.


Other customizations
may be the case we have any other customizations made manually over in the system, such as changing the system boot
/ boot
, files from a server web / var / www or system configuration files in
/ etc
to give a few examples.
In this case we will make a backup folder or affected folders and restore them in the updated system:

cd / & & sudo cvfz tar backup.tar.gz / folder1 / folder2 ... # Create backup
  • cd / & & sudo tar xvfz backup.tar.gz # Restore Backup
More

Ubuntuforums:
Instal · lar from dpkg - get-selections

  • Move / home to a separate partition :
    • http://psychocats.net/ubuntu/separatehome
(English) Restore
repositories (and their keys) manually added: http://www.linuxmint-hispano.com/foro/?/topic, 6036.0.html
Related Articles after 10 basic actions Ubuntu install


Posted by admin at 3:00 PM 0 comments

Projector Repair In Fredericton

Restoring programs and settings after a reinstalling Ubuntu Security

10.10) we face the eternal dilemma "upgrade or do a clean install? Here are the advantages of each method.


Update: The main advantage is that the system is exactly as we had before the upgrade, with the same settings and the same programs installed, but with all the latest news and updates to the new Ubuntu.
Clean Install: let the system clean, ensuring that everything works perfectly and no errors crept above configuration.
In most cases, ideally a mix: a clean system but maintaining the user settings and programs previously installed manually. In this this article we will see how to get it, a system installed from scratch while maintaining programs and persoanlizaciones we had in the previous system.

Keep user settings

All user settings, without exception, are in the directory
/ home
, all you have to do is keep this folder unchanged.

    two different situations may occur which
  • directory / home is on the same partition as the rest of the system (so that its contents are erased with the new installation) or is on a separate partition.
/ home on a separate partition, this case gives us a lot of things, all we do is select manual partitioning during the installation process and ensure that the partition
/ home
refitted in
/ home
and is NOT checked the box format.

/ home
in the root partition: in this case we make a backup of the entire directory
/ home as this will be deleted during the installation. 1. Create a backup BEFORE the upgrade: cd / & & sudo tar cvfz backup_home.tar.bz2 / home
Save the file
backup_home.tar.bz2
in a place that we know will not delete, such as a USB drive
2. Install the new system, installed the new Ubuntu normally
3. Restore the backup after the upgrade:
cd / & & sudo tar xvfz backup_home.tar.bz2


Note: For this method to work well as new users should call The system old.

Restore installed programs
Another issue that may take a while after an installation is to reinstall all the programs we had with See by, however this can be solved with such only two commands:

1. Get the list of installed programs: Before the upgrade, the old system will get the list of programs installed with the command: sudo
  • dpkg - get-selections Save the file lista_de_paquetes.txt on a site that we know will not delete, such as a USB drive
2. Install the new system, installed the new Ubuntu normally

3. Reinstall all programs: After installation we will not have the software installed manually to retrieve the file will use
lista_de_paquetes.txt
as follows: cat
lista_de_paquetes.txt installed manually or using any other method.


Other customizations
may be the case we have any other customizations made manually over in the system, such as changing the system boot
/ boot
, files from a server web / var / www or system configuration files in
/ etc
to give a few examples.
In this case we will make a backup folder or affected folders and restore them in the updated system:

cd / & & sudo cvfz tar backup.tar.gz / folder1 / folder2 ... # Create backup
  • cd / & & sudo tar xvfz backup.tar.gz # Restore Backup
More

Ubuntuforums:
Instal · lar from dpkg - get-selections

  • Move / home to a separate partition :
    • http://psychocats.net/ubuntu/separatehome
(English) Restore
repositories (and their keys) manually added: http://www.linuxmint-hispano.com/foro/?/topic, 6036.0.html
Related Articles after 10 basic actions Ubuntu install


Posted by admin at 3:00 PM 0 comments

Sunday, September 19, 2010

Buy Aqua Socks Michigan

(V) - The Security

  • While GNU / Linux is a famous for its security, robustness and absence of virus (although some are), for better or for Unfortunately our favorite operating system often coexist with other systems much more vulnerable to attack by viruses, either on the same computer within a local network or Internet. For this reason there are solutions that we can install antivirus software and run it from Ubuntu.
What I can need an antivirus on GNU / Linux?


Scan Windows partition, if for example you download files using p2p programs and then open these files from windows could become infected with virus, a workaround is to scan them from Ubuntu before opening.
Keeping $ HOME partition virus free, although it is unlikely it could be the case downloaded files in Ubuntu that were infected and that this ultimately affects the system through programs such as Wine. To avoid scan everything you download from untrusted sources.

Add a filter to the mail server antivirus
    : If our system is Ubuntu mail server or gateway to other Windows workstations can be a good idea to install a resident anti-virus scan and remove any threat before it it comes to computers "sensitive.
native Antivirus


ClamAV ClamAV is an antivirus
open source, especially designed for analysis on mail servers. It
antivirus you are in the Ubuntu repositories for installation execute:
$ sudo aptitude install clamav ClamTk

we
After installation GUI
    available from the menu Applications - Accessories - Scanner
  • Virus. Its use is very intuitive and allows to scan any folder or file system.
ClamAV scanning a Windows partition Among its features most notable are the ability to schedule the scan (from menu Advanced
- Planner
), the possibility of working in resident (by installing the clamav-daemon), GUI for Gnome ( ClamTk ) and KDE (
KlamAV
), option to quarantine files ...


Avast: Avast also has a version for GNU / Linux free for noncommercial use (thou must register on the website by completing the registration form ). Although not in the repositories can download the deb package directly from your web

avast! Linux Edition (DEB package)

After downloading the file will install with the command: $ sudo dpkg-i-2_i386.deb avast4workstation_1.3.0 Understandably installation was unable to create the appropriate links in the Gnome menu, so it was necessary to start it from a terminal with the command: $ avastgui


Avast scanning $ HOME
Its operation is very intuitive, first of all update the database and once the update finished proceed to scan the selected folders or the entire system (not recommended).

AVG AVG is not in the repositories, but has deb package (you are missing a specific version of 64-bit) that you can download from your own site
avg85flx -r855-a3656.i386.deb . A After downloading the file will install with the command:

$ sudo dpkg-i-r855-a3656.i386.deb avg85flx


Once installed you can run from the command line by passing as parameter directory you want to scan for viruses.
AVG Anti-Virus command line scanner
Copyright (c) 2010 AVG Technologies CZ
Virus database version: 271.1.1/3137
Virus database release date: Wed, 15 Sep 2010 20:34:00 +02:00
Files scanned : 8451(8443)
Infections found : 0(0)
PUPs found : 0
Files healed : 0

Warnings reported : 0

Errors reported : 0
Más información

ClamAV
AVG Free Antivirus Avast
Official documents:
https: / / help.ubuntu.com / community / Antivirus
  • Related Articles
Security Ubuntu (I) - Introduction (II) - User and Password Security
Ubuntu (III) - Software Insurance

Buy Aqua Socks Michigan

(V) - The Security

  • While GNU / Linux is a famous for its security, robustness and absence of virus (although some are), for better or for Unfortunately our favorite operating system often coexist with other systems much more vulnerable to attack by viruses, either on the same computer within a local network or Internet. For this reason there are solutions that we can install antivirus software and run it from Ubuntu.
What I can need an antivirus on GNU / Linux?


Scan Windows partition, if for example you download files using p2p programs and then open these files from windows could become infected with virus, a workaround is to scan them from Ubuntu before opening.
Keeping $ HOME partition virus free, although it is unlikely it could be the case downloaded files in Ubuntu that were infected and that this ultimately affects the system through programs such as Wine. To avoid scan everything you download from untrusted sources.

Add a filter to the mail server antivirus
    : If our system is Ubuntu mail server or gateway to other Windows workstations can be a good idea to install a resident anti-virus scan and remove any threat before it it comes to computers "sensitive.
native Antivirus


ClamAV ClamAV is an antivirus
open source, especially designed for analysis on mail servers. It
antivirus you are in the Ubuntu repositories for installation execute:
$ sudo aptitude install clamav ClamTk

we
After installation GUI
    available from the menu Applications - Accessories - Scanner
  • Virus. Its use is very intuitive and allows to scan any folder or file system.
ClamAV scanning a Windows partition Among its features most notable are the ability to schedule the scan (from menu Advanced
- Planner
), the possibility of working in resident (by installing the clamav-daemon), GUI for Gnome ( ClamTk ) and KDE (
KlamAV
), option to quarantine files ...


Avast: Avast also has a version for GNU / Linux free for noncommercial use (thou must register on the website by completing the registration form ). Although not in the repositories can download the deb package directly from your web

avast! Linux Edition (DEB package)

After downloading the file will install with the command: $ sudo dpkg-i-2_i386.deb avast4workstation_1.3.0 Understandably installation was unable to create the appropriate links in the Gnome menu, so it was necessary to start it from a terminal with the command: $ avastgui


Avast scanning $ HOME
Its operation is very intuitive, first of all update the database and once the update finished proceed to scan the selected folders or the entire system (not recommended).

AVG AVG is not in the repositories, but has deb package (you are missing a specific version of 64-bit) that you can download from your own site
avg85flx -r855-a3656.i386.deb . A After downloading the file will install with the command:

$ sudo dpkg-i-r855-a3656.i386.deb avg85flx


Once installed you can run from the command line by passing as parameter directory you want to scan for viruses.
AVG Anti-Virus command line scanner
Copyright (c) 2010 AVG Technologies CZ
Virus database version: 271.1.1/3137
Virus database release date: Wed, 15 Sep 2010 20:34:00 +02:00
Files scanned : 8451(8443)
Infections found : 0(0)
PUPs found : 0
Files healed : 0

Warnings reported : 0

Errors reported : 0
Más información

ClamAV
AVG Free Antivirus Avast
Official documents:
https: / / help.ubuntu.com / community / Antivirus
  • Related Articles
Security Ubuntu (I) - Introduction (II) - User and Password Security
Ubuntu (III) - Software Insurance

Sunday, September 12, 2010

How To Unlock Vip Suitecase

antivirus on Ubuntu (IV) - The Fire Safety

After
the summer break we return items to a dedicated security firewall (Or firewall). According
Wikipedia
, a firewall is:
".. a device or set of devices configured to permit, restrict, encrypt, decrypt, traffic between different areas on the basis of a set of standards and other criteria. " For what we want we can define the firewall as a set of rules with which to filter and control all network traffic in and out of your computer (or network). The firewall is the main piece in the network security.
The core of GNU / Linux (or kernel) has an integrated firewall so no need to install any specific software to have it. However, communication with the firewall features of the core (via the command iptables
) can be somewhat complicated for non-experts, for this reason there are programs that will facilitate the task of managing the firewall.
For this article I will use the program gufw (you can find at the Center for Software) to manage the firewall, but others such as firestarter
or ufw-gtk
that will be beaten.
Set access policy

There are two main policies when configuring the firewall, depending on the type of use that we will give our network connection choose one or the other:
Deny incoming traffic: reject all incoming connections and explicitly allow connections we want (secure method). Recommended for desktop users and small networks.

Allow incoming traffic: accept all connections and establish specific rules for those who want to deny (unsafe method).
From the main screen gufw

( System - Administration - Configuring firewalls ) activate the firewall and select the default restrictive policy for incoming traffic:

  • restrictive default policy

  2. define the rules

Once defined restrictive policy can define the rules that allow those communications need. We add a rule for each service they want to offer. There are many types of connections and many configurations for each, we will see some representative examples, thou must you apply to services and the conditions that you please lay down your firewall. Open

ports for p2p programs, p2p networks (emule, torrent ...) require certain ports open to function properly, by setting a restrictive policy we have "closed" all ports so you can set up rules for opening we need.
allowed the program access deluge (torrent)



In the same way we can allow access to programs or services that we deem necessary.

Allow administration remote: it is very common to have to configure computers remotely via different protocols (ssh, vnc ...) for which generally requires open access a given port. This is an "open door" to the world and a potential security hole. To minimize the risks filter these connections permitting only the connection from a specific IP address (the computer that performs remote administration). In this case the process will Add - Advanced - Allow - Incoming - Register - TCP -
select the IP address and port of origin and destination
- Add .


rulebook definition


In this case we have established a rule that allows access to the SSH service (on port 22) from the address 192.168.1.10 (our internal network) to the computer 192.168.1.2 (also Our internal network, so that not allow connections from any other location to the SSH service.) In addition to greater safety, we have activated the connection log.


More Wikipedia: Firewall

SoftLibre:
New GUI for configuring the Firewall on Ubuntu (ufw-gtk)

Related Articles


Security
    Ubuntu (I) - Introduction
  • Ubuntu Security (II) - User and Password Security
Ubuntu (III) - Software Insurance
Administration firewall gufw

ufw firewall administration
    • firestarter firewall administration
Posted by admin at 3:00 PM 0 comments

How To Unlock Vip Suitecase

antivirus on Ubuntu (IV) - The Fire Safety

After
the summer break we return items to a dedicated security firewall (Or firewall). According
Wikipedia
, a firewall is:
".. a device or set of devices configured to permit, restrict, encrypt, decrypt, traffic between different areas on the basis of a set of standards and other criteria. " For what we want we can define the firewall as a set of rules with which to filter and control all network traffic in and out of your computer (or network). The firewall is the main piece in the network security.
The core of GNU / Linux (or kernel) has an integrated firewall so no need to install any specific software to have it. However, communication with the firewall features of the core (via the command iptables
) can be somewhat complicated for non-experts, for this reason there are programs that will facilitate the task of managing the firewall.
For this article I will use the program gufw (you can find at the Center for Software) to manage the firewall, but others such as firestarter
or ufw-gtk
that will be beaten.
Set access policy

There are two main policies when configuring the firewall, depending on the type of use that we will give our network connection choose one or the other:
Deny incoming traffic: reject all incoming connections and explicitly allow connections we want (secure method). Recommended for desktop users and small networks.

Allow incoming traffic: accept all connections and establish specific rules for those who want to deny (unsafe method).
From the main screen gufw

( System - Administration - Configuring firewalls ) activate the firewall and select the default restrictive policy for incoming traffic:

  • restrictive default policy

  2. define the rules

Once defined restrictive policy can define the rules that allow those communications need. We add a rule for each service they want to offer. There are many types of connections and many configurations for each, we will see some representative examples, thou must you apply to services and the conditions that you please lay down your firewall. Open

ports for p2p programs, p2p networks (emule, torrent ...) require certain ports open to function properly, by setting a restrictive policy we have "closed" all ports so you can set up rules for opening we need.
allowed the program access deluge (torrent)



In the same way we can allow access to programs or services that we deem necessary.

Allow administration remote: it is very common to have to configure computers remotely via different protocols (ssh, vnc ...) for which generally requires open access a given port. This is an "open door" to the world and a potential security hole. To minimize the risks filter these connections permitting only the connection from a specific IP address (the computer that performs remote administration). In this case the process will Add - Advanced - Allow - Incoming - Register - TCP -
select the IP address and port of origin and destination
- Add .


rulebook definition


In this case we have established a rule that allows access to the SSH service (on port 22) from the address 192.168.1.10 (our internal network) to the computer 192.168.1.2 (also Our internal network, so that not allow connections from any other location to the SSH service.) In addition to greater safety, we have activated the connection log.


More Wikipedia: Firewall

SoftLibre:
New GUI for configuring the Firewall on Ubuntu (ufw-gtk)

Related Articles


Security
    Ubuntu (I) - Introduction
  • Ubuntu Security (II) - User and Password Security
Ubuntu (III) - Software Insurance
Administration firewall gufw

ufw firewall administration
    • firestarter firewall administration
Posted by admin at 3:00 PM 0 comments

Sunday, July 18, 2010

Shift Scheduler Wordpress

Ubuntu (III) - Security Software

Last week we analyzed the importance of proper system use and user permissions on the article Ubuntu Security
(II) - Users and key this week will continue with another pillar of security: the programs installed.
By controlling the source of the software and use an appropriate installation method will minimize the possibility of introducing malicious software on your system, improve stability and reduce security risks. installation methods
in Ubuntu and GNU / Linux in general have a wide variety of software installation methods, in the official guide Add
applications you have all these methods explained in detail, but I'll make a small look at the most common point of view of security:
Using the package manager
:
Ubuntu using DEB packages type, very secure in their elavoración and installation, these packages are installed / uninstalled with the package managers ( apt-get, aptitude, synaptic, adept, or gdebi
Center Software among others). This is the most recommended for all users
.


Ubuntu Software Centre (recommended)

    The main advantages of this method are
  1. : - Installation and maintenance simple, unified software - The creator of the package is identified and is accessible by anyone
    - Ability to view the file list that contains the package - clean uninstall - If a package interferes with another's own package system solves the conflict - if a package requires another to operate the system itself resolve package dependency

    From Source:
    Another common method of installation on GNU / Linux but not in Ubuntu is to compile code directly source to get an executable. This method is recommended only for those (very few) programs not available in the package manager.

    Typical installation from source

    This method, although it is generally quite safe has major disadvantages

    regarding the use of the packaging system:
    - Each program has its own installation method
    - For a novice user is difficult to know which files are installed and how to keep
    - Some programs can only be installed and uninstalled manually
    - conflicts and dependencies not managed
    2. - Requires the installation of compilers, libraries, utilities ...

  2. If you are forced to install software using this method please note: read the installation instructions contained
    README or INSTALL file, make sure the website you got the program that is reliable and has a contact address of the author, points out that Package Manager can not uninstall, update or manage this software in any way.

    installable Scripts:
    are files that contain within themselves the necessary orders for installation, this is the typical format of nvidia drivers (*. run) or user-created scripts for different purposes ( *. sh) among others.



    autoinstalable Running a script (nVidia driver)



    This is undoubtedly the most insecure
    method of installing software and should be avoided whenever possible, its main disadvantages are
    - Normally the origin is little or no reliable
    - It's easy to insert malicious code in these scripts
    - To know exactly what is causing the script requires knowledge of shell programming

    3. If you are forced to install software using this method keep in mind : well sure that the script source is reliable, especially wary of scripts that require administrator permissions, if possible edit the script and analyze everything he does before running it.


  3. Source
    software packaging system (recommended method of installation) the software gets what are called repositories, you have a comprehensive guide to managing repositories
    Add external repositories, but As before we will see what the best way to manage these repositories from the point of view of safety.
    basic tool for managing Ubuntu repositories is software-properties-gtk and have available in the menu system - Administration - Software Sources



    There are several types of repositories that are managed differently and that
    software-properties-gtk
    4. control.

  • official Ubuntu repositories
    • This is the main repository of Ubuntu derived distributions that package, you can switch from the Ubuntu Software tab
, hundreds of repositories all over the world and they're all insurance, but to be sure they are fully updated, it is recommended to use the Ubuntu main server or primary server's own country.

Choice of primary server

need not take any special security measures to use these repositories.

personal Repositories PPA
    personal repositories are repositories
  1. PPA for Ubuntu users hosted on servers in Launchpad
    and contain newer versions (or development) of certain programs. These repositories are not supported by Canonical but are created by users are identified and digitally signed so they are relatively safe.

    The management of these repositories is simple and can be integrated in the transmission Ubuntu packages. The exact name of the repository and how to add will be detailed in the website of each repository.
    We will see better with an example, let's add the reposiorio PPA with the latest version of Wine (version 1.2). The name of the repository is ppa: ubuntu-wine/ppa and to add we will use the following commands:

    - Add the repository to the software sources list: sudo
    2. add-apt-repository ppa: ubuntu-wine / ppa

    - Update package list: sudo aptitude update

  2. - Uninstall the previous version of wine (only if you had installed): sudo aptitude purge wine - Install the program (in this case wine )
    sudo aptitude install wine


    - Check the version of wine installed: wine - version wine
    -1.2

    The main advantages of this type
    repositories are among others: the availability of the latest development versions of certain programs, fully integrated into the packaging system and security system based on digital signatures. Its disadvantages
    are: add a certain level of instability when using programs developed or not sufficiently tested and add some level of insecurity for these repositories are not checked by Canonical.

    Externals
    Sometimes (increasingly less) you want to install software that is packaged in third party repositories (or the main Ubuntu repositories or PPA), let's see how we manage these repositories and ensure with a digital key.
    Again we will use an example to illustrate the process, in this case we will add fatástico GetDeb
    repository containing a large number of programs that are not on the official Ubuntu repositories or are but in earlier versions. Installation instructions and all packages containing the find on its website. The exact name of the repository is deb
    lucid-getdeb http://archive.getdeb.net/ubuntu and add apps will use the following commands:



    - Manually add the repository to the list system repositories: sudo bash
    3. -c "echo 'deb-getdeb http://archive.getdeb.net/ubuntu lucid apps'>> / etc / apt / sources.list"

    - Import digital key safety: wget-q
  3. -O-http://archive.getdeb.net/getdeb-archive.key
    aptitude update - Install any application GetDeb repositories, such as the social browser Flock: sudo aptitude install

    flock
    The most important point concerning the safety of such repositories is
    never add repositories have no security key or do not make public.
More



Ubuntu Guide -
Add external repositories
Ubuntu Guide -
Add applications


Wikipedia -
Repository Launchpad - PPA

Related Articles
Security Ubuntu (I) - Introduction
Ubuntu Security (II) - User and Password
Posted by admin at 3:00 PM 0 comments
Subscribe to: Comments (Atom)