July 2010

Sunday, July 18, 2010

Shift Scheduler Wordpress

Ubuntu (III) - Security Software

Last week we analyzed the importance of proper system use and user permissions on the article Ubuntu Security
(II) - Users and key this week will continue with another pillar of security: the programs installed.
By controlling the source of the software and use an appropriate installation method will minimize the possibility of introducing malicious software on your system, improve stability and reduce security risks. installation methods
in Ubuntu and GNU / Linux in general have a wide variety of software installation methods, in the official guide Add
applications you have all these methods explained in detail, but I'll make a small look at the most common point of view of security:
Using the package manager

Center Software among others). This is the most recommended for all users
.

Ubuntu Software Centre (recommended)

: - Installation and maintenance simple, unified software - The creator of the package is identified and is accessible by anyone
- Ability to view the file list that contains the package - clean uninstall - If a package interferes with another's own package system solves the conflict - if a package requires another to operate the system itself resolve package dependency

From Source:
Another common method of installation on GNU / Linux but not in Ubuntu is to compile code directly source to get an executable. This method is recommended only for those (very few) programs not available in the package manager.

Typical installation from source

This method, although it is generally quite safe has major disadvantages

regarding the use of the packaging system:
- Each program has its own installation method
- For a novice user is difficult to know which files are installed and how to keep
- Some programs can only be installed and uninstalled manually
- conflicts and dependencies not managed

If you are forced to install software using this method please note: read the installation instructions contained
README or INSTALL file, make sure the website you got the program that is reliable and has a contact address of the author, points out that Package Manager can not uninstall, update or manage this software in any way.

installable Scripts:
are files that contain within themselves the necessary orders for installation, this is the typical format of nvidia drivers (*. run) or user-created scripts for different purposes ( *. sh) among others.

autoinstalable Running a script (nVidia driver)

This is undoubtedly the most insecure
method of installing software and should be avoided whenever possible, its main disadvantages are
- Normally the origin is little or no reliable
- It's easy to insert malicious code in these scripts
- To know exactly what is causing the script requires knowledge of shell programming

Source

software packaging system (recommended method of installation) the software gets what are called repositories, you have a comprehensive guide to managing repositories
Add external repositories, but As before we will see what the best way to manage these repositories from the point of view of safety.

basic tool for managing Ubuntu repositories is software-properties-gtk and have available in the menu system - Administration - Software Sources

There are several types of repositories that are managed differently and that
software-properties-gtk

official Ubuntu repositories

, hundreds of repositories all over the world and they're all insurance, but to be sure they are fully updated, it is recommended to use the Ubuntu main server or primary server's own country.

Choice of primary server

need not take any special security measures to use these repositories.

personal Repositories PPA

PPA for Ubuntu users hosted on servers in Launchpad
and contain newer versions (or development) of certain programs. These repositories are not supported by Canonical but are created by users are identified and digitally signed so they are relatively safe.

The management of these repositories is simple and can be integrated in the transmission Ubuntu packages. The exact name of the repository and how to add will be detailed in the website of each repository.
We will see better with an example, let's add the reposiorio PPA with the latest version of Wine (version 1.2). The name of the repository is ppa: ubuntu-wine/ppa and to add we will use the following commands:

- Add the repository to the software sources list: sudo

- Uninstall the previous version of wine (only if you had installed): sudo aptitude purge wine - Install the program (in this case wine )
sudo aptitude install wine

- Check the version of wine installed: wine - version wine
-1.2

The main advantages of this type
repositories are among others: the availability of the latest development versions of certain programs, fully integrated into the packaging system and security system based on digital signatures. Its disadvantages
are: add a certain level of instability when using programs developed or not sufficiently tested and add some level of insecurity for these repositories are not checked by Canonical.

Externals
Sometimes (increasingly less) you want to install software that is packaged in third party repositories (or the main Ubuntu repositories or PPA), let's see how we manage these repositories and ensure with a digital key.
Again we will use an example to illustrate the process, in this case we will add fatástico GetDeb
repository containing a large number of programs that are not on the official Ubuntu repositories or are but in earlier versions. Installation instructions and all packages containing the find on its website. The exact name of the repository is deb
lucid-getdeb http://archive.getdeb.net/ubuntu and add apps will use the following commands:

- Manually add the repository to the list system repositories: sudo bash

-O-http://archive.getdeb.net/getdeb-archive.key
aptitude update - Install any application GetDeb repositories, such as the social browser Flock: sudo aptitude install

flock
The most important point concerning the safety of such repositories is
never add repositories have no security key or do not make public.

Ubuntu Guide -
Add external repositories
Ubuntu Guide -
Add applications

Wikipedia -
Repository Launchpad - PPA

Security Ubuntu (I) - Introduction

Ubuntu Security (II) - User and Password

Shift Scheduler Wordpress

Ubuntu (III) - Security Software

Center Software among others). This is the most recommended for all users
.

Ubuntu Software Centre (recommended)

: - Installation and maintenance simple, unified software - The creator of the package is identified and is accessible by anyone
- Ability to view the file list that contains the package - clean uninstall - If a package interferes with another's own package system solves the conflict - if a package requires another to operate the system itself resolve package dependency

From Source:
Another common method of installation on GNU / Linux but not in Ubuntu is to compile code directly source to get an executable. This method is recommended only for those (very few) programs not available in the package manager.

Typical installation from source

This method, although it is generally quite safe has major disadvantages

regarding the use of the packaging system:
- Each program has its own installation method
- For a novice user is difficult to know which files are installed and how to keep
- Some programs can only be installed and uninstalled manually
- conflicts and dependencies not managed

If you are forced to install software using this method please note: read the installation instructions contained
README or INSTALL file, make sure the website you got the program that is reliable and has a contact address of the author, points out that Package Manager can not uninstall, update or manage this software in any way.

installable Scripts:
are files that contain within themselves the necessary orders for installation, this is the typical format of nvidia drivers (*. run) or user-created scripts for different purposes ( *. sh) among others.

autoinstalable Running a script (nVidia driver)

This is undoubtedly the most insecure
method of installing software and should be avoided whenever possible, its main disadvantages are
- Normally the origin is little or no reliable
- It's easy to insert malicious code in these scripts
- To know exactly what is causing the script requires knowledge of shell programming

Source

software packaging system (recommended method of installation) the software gets what are called repositories, you have a comprehensive guide to managing repositories
Add external repositories, but As before we will see what the best way to manage these repositories from the point of view of safety.

basic tool for managing Ubuntu repositories is software-properties-gtk and have available in the menu system - Administration - Software Sources

There are several types of repositories that are managed differently and that
software-properties-gtk

official Ubuntu repositories

personal Repositories PPA

PPA for Ubuntu users hosted on servers in Launchpad
and contain newer versions (or development) of certain programs. These repositories are not supported by Canonical but are created by users are identified and digitally signed so they are relatively safe.

The management of these repositories is simple and can be integrated in the transmission Ubuntu packages. The exact name of the repository and how to add will be detailed in the website of each repository.
We will see better with an example, let's add the reposiorio PPA with the latest version of Wine (version 1.2). The name of the repository is ppa: ubuntu-wine/ppa and to add we will use the following commands:

- Add the repository to the software sources list: sudo

- Uninstall the previous version of wine (only if you had installed): sudo aptitude purge wine - Install the program (in this case wine )
sudo aptitude install wine

- Check the version of wine installed: wine - version wine
-1.2

The main advantages of this type
repositories are among others: the availability of the latest development versions of certain programs, fully integrated into the packaging system and security system based on digital signatures. Its disadvantages
are: add a certain level of instability when using programs developed or not sufficiently tested and add some level of insecurity for these repositories are not checked by Canonical.

Externals
Sometimes (increasingly less) you want to install software that is packaged in third party repositories (or the main Ubuntu repositories or PPA), let's see how we manage these repositories and ensure with a digital key.
Again we will use an example to illustrate the process, in this case we will add fatástico GetDeb
repository containing a large number of programs that are not on the official Ubuntu repositories or are but in earlier versions. Installation instructions and all packages containing the find on its website. The exact name of the repository is deb
lucid-getdeb http://archive.getdeb.net/ubuntu and add apps will use the following commands:

- Manually add the repository to the list system repositories: sudo bash

-O-http://archive.getdeb.net/getdeb-archive.key
aptitude update - Install any application GetDeb repositories, such as the social browser Flock: sudo aptitude install

flock
The most important point concerning the safety of such repositories is
never add repositories have no security key or do not make public.

Ubuntu Guide -
Add external repositories
Ubuntu Guide -
Add applications

Wikipedia -
Repository Launchpad - PPA

Security Ubuntu (I) - Introduction

Ubuntu Security (II) - User and Password

Sunday, July 11, 2010

Will Alprazolam Ease Night Sweats

sure Ubuntu (II) - Key Users and Security

As we saw in the previous post Ubuntu Security (I) - Introduction one of the pillars of the strength of GNU / Linux is its powerful user management and permissions.

User Account Types

user with administrative permissions This is the user that is created during installation of the system is allowed to use all installed applications, save or modify content in your personal folder and may temporarily assume the duties of an administrator using the command sudo

This user is indicated for daily work and management of common desktop systems.

user without administrative permissions

This is the type of users that are created from

menu System - Administration - Users and groups

, has permission to use any application and save or modify information in your personal folder. May not exercise administrative tasks or use the command sudo
.

Creating a user

If you need to create more users to others to use your system should use these accounts. So whatever happens will not alter the configuration of the system, only your personal options.

If you need administrative permissions to these users can do so from

Guest User
This account is present in Ubuntu and some other distributions allows access to the system with an unprivileged user, no password allows the use of most applications, but do not store or modify data or indeed to assume administrative duties. (You can save data but it will be lost when you log off.)

This account is very helpful in public access computers, demonstrations, or any situation where you want someone to use the system without changing anything. To access this account you must do so from a user session and started by clicking the session control applet, select invited session. + Info

guest user access

User root This is the administrative user traditionally used in all Linux distributions, but in Ubuntu has disabled this account and instead use the command sudo

. + Info

The advantages of using sudo to root against are: minimizing the possibility of disaster careless administrative account to be active for less time, making the user more aware of what actions and which do not pose danger or used to Administrative use permits only when strictly necessary, among other reasons.

Some users are not accustomed to working in Ubuntu so insist on the activation of this account (by putting endanger the safety of the system). If this is your case, the root account activation is done with the command: sudo passwd root

This will assign a root password allowing access to the system and use its
command. Once the administrative task in question is recommended to re-disable this account with the command: sudo

passwd-l root

The password is the key that locks the door the privacy of each user. For this reason it is worth spending a little time to choose the password.
Criteria for choosing a password:

must be at least 6 characters
preferably containing combinations of uppercase, lowercase, symbols and numbers
must not contain any characters easily deduced by the data "visible" user ( ie type password prevents user1)
Preferably using randomly created passwords
Examples of poor username / password combinations: usuario/usuario1, root / toor, usuario/1234, user / aaaaaaaa, user / name Examples of good passwords : ffagh61w, OP9% SSAS

use the menu System - Administration - Users and groups - Change Password

Change Password

is tempting
disable password to give you greater access This would be equivalent to always leave the car open so as not to open it (and with the keys!). Try to avoid the options
not ask the password again when logging

menu Users and Groups) and

Disable automatic access to the system

Change permissions

g roups

All of common filesystems GNU / Linux supports a comprehensive permit system , that assigns to each file / directory: an owner, a group and read (r) / write (w) / execute (x) for independent owner, group and other users. Let's look clearer with an example, the command ls-l will show all this data: ls-l

-rw-r ----- 1 dani 07/06/2010 18:24 77,951 users screenshot_001.png
In this example the screenshot_001.png
file is owned by user

dani, belongs to

users and their permissions are: reading and writing to the owner (the first rw-) reading for the rest of the group of users users (

) and no access for other users of the system (

--- ). + Info

Sometimes we find we do not have permission to perform one or another action on a file (eg we can not run a downloaded file, or the publisher tells us that we can not save changes to a text file.) The solution is not to become root, the solution is to establish the correct file permissions.
To change the permissions of a file use the command chmod

 
 (with sudo

if the file is not owned by us). Each type of permission is assigned a number: read = 4 write = 2, run = 1, these permissions can be added and should be reported to the owner, group and other users. Some examples:

# chmod 777 file permission assigned reading (4) + write (2) + execute (1) for the owner, group and world chmod 600 #
users assigned read permission (4) + write (2) the owner, group and other users have no access
# chmod 755 all permissions for owner, read and execute the rest + info If these commands will seem too complicated you can always use the file manager to change the permissions by right-clicking on the file you want to change and choosing Properties - Permits Properties - Permissions

Another common misconception is that the file owner or group improperly allocated (ie occurs for example if you use some programs to root when it should). Again the solution is not to become root (or rather this is the source of the problem), the solution is correctly set the file owner and group.

For this, use the command chown (with sudo if the file is not your property). Its use is quite simple, with one example will suffice: sudo chown

 dani: dani File # assign the owner and the group dani dani the file

+ info

More

sudo vs root

The guest user Nomenclature

permissions and user management groups

Related Articles

Ubuntu (I) - Introduction

Will Alprazolam Ease Night Sweats

sure Ubuntu (II) - Key Users and Security

As we saw in the previous post Ubuntu Security (I) - Introduction one of the pillars of the strength of GNU / Linux is its powerful user management and permissions.

User Account Types

This user is indicated for daily work and management of common desktop systems.

user without administrative permissions

This is the type of users that are created from

menu System - Administration - Users and groups

, has permission to use any application and save or modify information in your personal folder. May not exercise administrative tasks or use the command sudo
.

Creating a user

If you need to create more users to others to use your system should use these accounts. So whatever happens will not alter the configuration of the system, only your personal options.

If you need administrative permissions to these users can do so from

Guest User
This account is present in Ubuntu and some other distributions allows access to the system with an unprivileged user, no password allows the use of most applications, but do not store or modify data or indeed to assume administrative duties. (You can save data but it will be lost when you log off.)

This account is very helpful in public access computers, demonstrations, or any situation where you want someone to use the system without changing anything. To access this account you must do so from a user session and started by clicking the session control applet, select invited session. + Info

guest user access

User root This is the administrative user traditionally used in all Linux distributions, but in Ubuntu has disabled this account and instead use the command sudo

. + Info

The advantages of using sudo to root against are: minimizing the possibility of disaster careless administrative account to be active for less time, making the user more aware of what actions and which do not pose danger or used to Administrative use permits only when strictly necessary, among other reasons.

Some users are not accustomed to working in Ubuntu so insist on the activation of this account (by putting endanger the safety of the system). If this is your case, the root account activation is done with the command: sudo passwd root

This will assign a root password allowing access to the system and use its
command. Once the administrative task in question is recommended to re-disable this account with the command: sudo

passwd-l root

The password is the key that locks the door the privacy of each user. For this reason it is worth spending a little time to choose the password.
Criteria for choosing a password:

must be at least 6 characters
preferably containing combinations of uppercase, lowercase, symbols and numbers
must not contain any characters easily deduced by the data "visible" user ( ie type password prevents user1)
Preferably using randomly created passwords
Examples of poor username / password combinations: usuario/usuario1, root / toor, usuario/1234, user / aaaaaaaa, user / name Examples of good passwords : ffagh61w, OP9% SSAS

use the menu System - Administration - Users and groups - Change Password

Change Password

menu Users and Groups) and

Disable automatic access to the system

Change permissions

g roups

-rw-r ----- 1 dani 07/06/2010 18:24 77,951 users screenshot_001.png
In this example the screenshot_001.png
file is owned by user

dani, belongs to

users and their permissions are: reading and writing to the owner (the first rw-) reading for the rest of the group of users users (

) and no access for other users of the system (

 
 (with sudo

 dani: dani File # assign the owner and the group dani dani the file

+ info

More

sudo vs root

The guest user Nomenclature

permissions and user management groups

Related Articles

Ubuntu (I) - Introduction

Sunday, July 4, 2010

Belgian Draft Horse Mart

Ubuntu (I) - Introduction

One
the issues of most concern to newcomers to Ubuntu is the security (especially if coming from Windows). However, most bring misconception and myths based on the movies than in reality hackers. For this reason I am going to devote a series of articles giving an overview at all levels Ubuntu security, clarifying doubts, demystifying hoaxes and giving extra information for those wishing to pursue the subject.
This article is a guide and an index of what I will publish in future articles.

security depends on the system used, but also options configuration and level of knowledge of the administrator.

With a good firewall I am 100% sure: FALSE The firewall is only one element to determine the safety of a system, but there are many more. Only

I use my computer, I need a username: FALSE

It's better to root for so no permission issues: FALSE need to activate the root account in Ubuntu to do the job "x": FALSE

In Ubuntu root user should never enter the system. For that you use sudo.
Windows viruses can affect me in Ubuntu: No virus

FALSE Windows (at least to date) affect GNU / Linux. Although it has been reported that certain cases of malware running through wine. + Info

Users and key user accounts ensures the privacy of information, the correct distribution of privileges in the system and minimize the effects if a security breach. A good set of key users is the foundation of a strong safety.

Always use secure passwords and not even if you disable a little annoying.
+ info
insurance
Repositories Repositories are sources that distributions like Ubuntu get the software, using unsafe or unauthenticated repositories could result in the entry of malicious software on our system.
To avoid this always use official repositories or repositories signed key.

+ info

Firewall
Among the many functions of a firewall is to increase the security of our network connections using filters that analyze the origin, destination, port and other data related to these connections.

This layer of security is especially important for those services that you offer through the local network or internet (mail server, web hosting, remote desktop ...)
+ info

SELinux / AppArmor

is an extra layer of security to confine processes applications and / or users, according to predetermined security policies, thus preventing that exceed their duties or malicious software is used to exploit its potential vulnerabilities.

+ info

Antivirus

Yet there are few cases where it may be useful, for example, scanning a Windows partition or USB devices, scanning Windows machines through the network, adding an antivirus filter our internal mail server or avoid infection of applications running with Wine.

+ info

system analysis tools

port scanners, search engines rootkit or full security suites.
+ info

records all events that occur in the system are recorded somewhere, including in relation to external connections and security.

Learn to locate and analyze this information will give us valuable information on system status and any shortcoming in safety.

detect and expel intruders

how to act in these cases depend on whether this situation will occur or not.

More

https: / / help.ubuntu.com/8.04/serverguide/C/user-management.html

https: / / help.ubuntu.com / community / https

http://www.osnews.com/story/23463/Linux_Security_-_a_Few_Useful_Tactical_Tips

gufw Administration

firewall with firestarter

ufw firewall administration