Friday, December 31, 2010

Understanding VIM : Beginner's Tutorial-1

The Vim editor takes some time to settle into the working arena of professionals. It's a cakewalk once people have used it for at least a week.
There are three modes in vim - insert mode, command mode, and last-line mode.
Insert mode is meant for inserting text; press i to enter it. Command mode is used for executing text-formatting commands. Last-line mode is used for executing extended commands for text formatting.
Start Vim by typing vim or vi.

Thursday, December 30, 2010

Enhance Linuxbox Security : Iptables Printer Rules to Limit Access to Local LAN.

Assume a topology of a local LAN connected to the internet through a gateway on which you are configuring an iptables firewall. This gateway is attached to a printer & running a print server. The LAN belongs to the 192.168.1.0/24 IP range. We want to limit access to the printer to the local LAN & bar printer access from the outside internet. See figure.

Enhance Linuxbox Security : Creating a Custom Chain in Iptables

Read this post before proceeding, as it contains a simple, basic firewall configuration file.
We can customize the flow of rules in iptables by creating new custom chains. Rules in iptables are evaluated in the sequence in which they appear.
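
The two iptables posts above (printer access limited to the LAN, and custom chains) combined into one sketch. This is an added example, not the blog's own configuration: the chain name PRINTER, the LAN-side interface eth1 and the CUPS/IPP port 631 are assumptions, and the script only prints the rules unless IPT=iptables is set.

```shell
#!/bin/sh
# Dry run by default: each rule is printed instead of applied.
# To apply for real, run as root with:  IPT=iptables sh this-script.sh
IPT="${IPT:-echo iptables}"

LAN_NET="192.168.1.0/24"   # LAN range given in the post
LAN_IF="eth1"              # assumption: gateway interface facing the LAN
PRINT_PORT=631             # assumption: print server is CUPS/IPP on port 631
CHAIN="PRINTER"            # hypothetical name for the custom chain

printer_rules() {
  # 1. Create the custom chain and route all print traffic into it.
  $IPT -N "$CHAIN"
  for proto in tcp udp; do
    $IPT -A INPUT -p "$proto" --dport "$PRINT_PORT" -j "$CHAIN"
  done
  # 2. Inside the chain, rules are evaluated top to bottom.
  #    Accept only LAN addresses that arrive on the LAN interface, so a
  #    packet from the internet side with a forged 192.168.1.x source
  #    address does not match.
  $IPT -A "$CHAIN" -i "$LAN_IF" -s "$LAN_NET" -j ACCEPT
  #    Everything else is logged (rate limited) and then dropped.
  $IPT -A "$CHAIN" -m limit --limit 5/min -j LOG --log-prefix "printer-deny: "
  $IPT -A "$CHAIN" -j DROP
}

printer_rules
```

Keeping the printer policy in its own chain means it can be listed with iptables -L PRINTER and flushed without touching the rest of INPUT.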

Wednesday, December 29, 2010

Linux Amazing Keypresses & Commands : Set 5

  • By default in the Bash shell, pressing Ctrl+D will exit the current shell. To prevent it you can add the following line in ~/.bashrc:
export IGNOREEOF=1
And then source the file to read it again:
source ~/.bashrc

Tuesday, December 28, 2010

Fuduntu = [Fedora + Ubuntu]

Fuduntu is a perfect distro for those users who hate RedHat due to its complexities & lack of user friendliness. It is a distro developed to bridge the gap between Fedora & Ubuntu. It is a Fedora remix optimized for netbooks and other portable computers & may be regarded as the most attractive cousin of RedHat. Fedora mainly focuses on the developer's perspective whereas Ubuntu focuses on end user experience. Distros like Mint and Ubuntu are well versed with user needs & add their own apps, but Fedora lacks such schemes. These are the pitfalls which are mainly taken care of in Fuduntu. Although it's at an incipient stage now, it has a good collection of default packages. It also needs to focus more on user needs.

Thursday, December 23, 2010

Prioritize processes using Taskset

Almost every system has multiple processors nowadays. You may need to run a process on 1 CPU or on multiple CPUs. This functionality is available by installing taskset.
Let's say you want to run firefox using one CPU. You'd run something like this:
taskset 0x00000001 firefox
For allowing firefox to use 2 CPUs replace 0x00000001 with 0x00000003
For allowing firefox to use all CPUs replace 0x00000001 with 0xFFFFFFFF

Sunday, December 19, 2010

Working With Alias

In Linux, we are provided with a cool tool that can create a new shortened command for a given command. It is called alias. That is, it allows a user to create simple names or abbreviations (even consisting of just a single character) for commands regardless of how complex the original commands are and then use them in the same way that ordinary commands are used. The alias command is built into a number of shells including ash, bash (the default shell on most Linux systems), csh and ksh. To create an alias type the command:
#alias  
Eg.#alias dir="ls" 

Saturday, December 18, 2010

Other Advanced Linux Bootloaders.

In most Linux systems GRUB (Grand Unified Bootloader) or GRUB 2 is the default bootloader. If you have more than one OS installed on your hardware, then you have to stare at the bootloader for a few seconds every time you power on. There are other options which will help you get rid of such monotony. If your system has GRUB by default (Fedora & OpenSUSE), you can upgrade it to GRUB 2, which has more features. There is also a derivative of GRUB called Burg (GRUB with the letters written in reverse; it stands for Brand-new Universal loader from GRUB). Let's see the features of both bootloaders separately:

Friday, December 17, 2010

Gnacktrack = [Gnome + BackTrack]

There is a new penetration testing Live CD on the market. It's called GnackTrack, made solely for Gnome lovers. GnacktrackR3 is based on Ubuntu 10.10. There are other penetration testing Live CDs like BackTrack, DVL etc. BackTrack is the most well known name within the penetration testing community. Gnacktrack sounds like Backtrack but it's based on Gnome.
The story goes like this (quote from faq),

Thursday, December 16, 2010

Vinux : Linux For Visually impaired

Vinux 3.1 has been launched; it is a Linux distribution based on Ubuntu 10.10 meant for visually impaired users. It's available on CD & DVD (USB & virtual versions are yet to come) in both 32 bit & 64 bit versions. Vinux has its own package repository (users can install packages using apt-get/synaptic) & a dedicated IRC channel. Beginners can press (Ctrl+Alt+Q) to access the Quick Start Guide.

Wednesday, December 15, 2010

Powertop : [Top + Power Management]

Powertop is a utility that lists the processes which are eating away your battery power & suggests useful power saving tips. The utility is mainly meant for laptops, where power consumption is a critical issue. Powertop is a project of lesswatts.org. You can check this link for the processes which usually consume more power.

Tuesday, December 14, 2010

Enhance Linuxbox Security : Know all services listening on some ports.

There is an inbuilt tool in Linux that can be used to list the services listening on ports of your system. This is important for the following reasons:
  • Any malware or spyware compromising your security can be noticed & traced.
  • It lets you check on the (unencrypted) packets which can be easily sniffed in an open (wifi) network.
Netstat is the tool. Execute the command to list the services which are listening on ports.
$netstat -nap

Monday, December 13, 2010

Linux Amazing Keypresses & Commands : Set 5

  • Finding the top 20 processes consuming the most RAM.
$ps aux | awk '{print $2, $4, $11}' | sort -k2rn | head -n 20
This command will list the top 20 processes in decreasing order of their RAM consumption. It will be more helpful if you add an alias for this command. Another solution for it is htop.
Install htop. For Fedora/RedHat users:
$yum install htop
For Ubuntu users:
$sudo apt-get install htop
For sorting the processes run htop & type
M for RAM
P for CPU
T for TIME
To invert the processes type I.

Friday, December 10, 2010

rtcwake : Wake up your system after given time.

Waking up the PC is a common need of every moderate user. In that case rtcwake is a useful utility for you. Using this utility you can wake up your Linux box at any given time. So, why do we need to wake up the poor soul? For the following reasons:
  • System clean-up while you are busy sleeping after exploiting the PC for a whole day.
  • Routine system backup while you are busy attending to other emergencies.
  • Running a cron job, like playing a song to wake you up.
The uses are endless. To install this program, execute the commands below.

sudo apt-get install rtcwake
sudo chmod u+s /usr/sbin/rtcwake

An example of the rtcwake command can be
rtcwake -m mem -s 300

Wednesday, December 8, 2010

Encrypt files using EncFS

Creating an encrypted folder using EncFS is an easy job. It's a simple utility to encrypt your files. First you have to log in as root.
Execute >su & enter the root password.

Install encfs & fuse.
$apt-get install encfs fuse-utils

Load the fuse module in the kernel as root
$modprobe fuse

Sunday, December 5, 2010

Antivirus Solutions for linux-3

Continued... from the previous post.

5. Kaspersky Anti-Virus for Linux Workstation is a two-part solution designed to protect workstations. The first module, the on access protection, is integrated with the operating system and checks modified files (either new or amended files), thereby ensuring real-time protection of the system without significantly increasing server load. The second module, the on demand scanner, scans the file system, removable media devices and individual files either on schedule or on demand.

Antivirus Solutions for linux-2

Continued.... from previous post.

3. F-Prot Antivirus for Linux Workstations is meant for home users using the Linux open-source operating system. F-PROT Antivirus for Linux Workstations utilizes the renowned F-PROT Antivirus scanning engine for primary scan but has in addition to that a system of internal heuristics devised to search for unknown viruses.
F-PROT Antivirus for Linux was especially developed to effectively eradicate viruses threatening workstations running Linux. It provides full protection against macro viruses and other forms of malicious software - including Trojans.
F-PROT for Linux Workstations features:

Antivirus Solutions for linux

It's naive to say that Linux systems are immune to viruses. Linux systems are seldom attacked by viruses because very few viruses are developed targeting Linux systems. Officially Linux desktops now hold more than 1% of the desktop market share. It's time for people to start thinking about Linux anti-viruses. There are some free/non-free solutions:
1. Avast Linux Home Edition
Avast is famous for providing free anti-virus for Windows; now they are providing free anti-virus for the increasing number of Linux systems.

Saturday, December 4, 2010

Advanced Intrusion Detection Environment (AIDE) -host based IDS for Linux

Advanced Intrusion Detection Environment or AIDE is a host-based IDS & free substitute for Tripwire.
It scans the filesystem and logs the attributes of important files, directories, and devices. Each time it runs, it compares its scanned attributes against the previous, "known good" data, and alerts you if something has changed.
AIDE works by reading in the configuration file /etc/aide/aide.conf that contains
1. the attributes of each entry to log. There are currently thirteen attributes that AIDE can log — including permissions, owner, group, size, all three timestamps (atime, ctime, and mtime), plus lower-level stuff like inode, block count, number of links, and so on.
You will find these codes in the conf file.

Friday, December 3, 2010

OSSIM: the Open Source Security Information Management System

A Security Information Management system (SIM) is a toolset that fills in that gap by collecting event logs from different tools into a central repository for trend analysis. It centralizes log information, correlates logs to establish cause-effect relationships between events, prevents possible damage/flaws on the company’s resources etc.
OSSIM is a fully featured SIM solution that offers all the necessary functionality, ranging from low-level detection to high-level reporting.
Based on GNU/Linux Debian, kernel 2.6, OSSIM integrates a handy suite of open source security tools

Thursday, December 2, 2010

Linux Amazing Keypresses & Commands : Set 4

1. command
$sudo !!
After executing this command, you never have to think about typing sudo. When you press Enter after typing sudo !!, the user password prompt will appear & after entering the password, the user doesn't need to enter sudo before the commands.

2. pressing [tab] twice
    This is the favorite keypress of Linux users. It's a useful tool for auto completion of commands. Type the initial characters of a command & hit tab twice. E.g. type if & hit tab twice. The shell will display all the possible commands beginning with if, like 'ifconfig'.

Webcam setup in Debian Linux

Setting up things in Debian systems is quite easy due to online installation utilities like apt-get & aptitude. To set up your webcam, connect it to a USB port. Execute the command.
>  lsusb

If the cam is supported then it will show its information. After that we have to install a cam application. Camorama can capture stills or display images as they happen. It has no streaming capabilities.
>aptitude install camorama

Wednesday, December 1, 2010

PCs/Laptop with linux preinstalled.

Linux is no longer all geeky stuff. People like working in Linux & praise its powers & capabilities to handle specialized & general tasks. Dell, system76, and ZaReason offer excellent PCs and laptops with pre-installed Ubuntu.
These sites provide a pre-compiled list of some PC/laptop vendors that provide Linux
-> http://lxer.com/module/db/index.php?dbn=14 
-> http://www.linuxhq.com/vendors/systems.html

And after that you should read these links
http://www.geeksaresexy.net/2010/11/08/why-buy-linux-pre-installed/
http://www.pcworld.com/businesscenter/article/212014/how_to_buy_a_computer_preloaded_with_ubuntu.html

Online Crontab Tool

Crontab is a handy tool for scheduling particular tasks/commands. You can set a time for updating the system, shutting it down etc. So, to use the crontab, issue the command
>crontab -e
This will display the crontab file which you can edit to set your tasks.
These are the options related to crontab
crontab -e    Edit your crontab file, or create one if it doesn’t already exist.
crontab -l      Display your crontab file.
crontab -r      Remove your crontab file.
crontab -v      Display the last time you edited your crontab file. (This option is only available on a few systems.)