Security Comparison: Windows vs Linux

last updated in Categories Links, Linux, Security, Sys admin, Windows server

Much ado has been made about whether or not Linux is truly more secure than Windows. This article provides some tips and hints about the same.

We compared Windows vs. Linux by examining the following metrics in the 40 most recent patches/vulnerabilities listed for Microsoft Windows Server 2003 vs. Red Hat Enterprise Linux AS v.3:

1. The severity of security vulnerabilities, derived from the following metrics:
1.1 damage potential (how much damage is possible?)
1.2. exploitation potential (how easy is it to exploit?)
1.3. exposure potential (what kind of access is necessary to exploit the vulnerability?)
2. The number of critically severe vulnerabilities

The results were not unexpected. Even by Microsoft’s subjective and flawed standards, fully 38% of the most recent patches address flaws that Microsoft ranks as Critical. Only 10% of Red Hat’s patches and alerts address flaws of Critical severity. These results are easily demonstrated to be generous to Microsoft and arguably harsh with Red Hat, since the above results are based on Microsoft’s ratings rather than our more stringent application of the security metrics. If we were to apply our own metrics, it would increase the number of Critical flaws in Windows Server 2003 to 50%.

Read more at : Security Comparison: Windows vs Linux

FreeBSD How to restart inetd service / daemon

last updated in Categories FreeBSD, Networking, Sys admin, Tips

inetd is referred to as the Internet Super-Server because it manages connections for several services. When a connection is received by inetd, it determines which program the connection is destined for, spawns the particular process and delegates the socket to it. First login as a root user.

FreeBSD version 5.0/6.0 or later

Newer version of FreeBSD has special start, stop, restart script, you can use this script restart inetd:

#/etc/rc.d/inetd restart

Old method (works on all variant of UNIX/Linux/BSD oses)
Once you made changes to inetd (internet super-server)configuration file (/etc/inetd.conf) you can use kill or killall command as follows to restart inetd:

# killall -HUP inetd

OR

# kill -HUP inetd

OR

# kill -HUP `cat /var/run/inetd.pid`

This causes the inetd program to restart and examine its configuration files. This is especially useful if you have changed the configuration settings.

See also:

  • BSD start services article it explains rc.conf and other concepts related to bsd services.

SSH Public Key Based Authentication on a Linux/Unix server

last updated in Categories CentOS, Debian Linux, FreeBSD, Gentoo Linux, Howto, Linux, Linux desktop, Linux laptop, OpenBSD, RedHat/Fedora Linux, Solaris, Suse Linux, Sys admin, Tips, Ubuntu Linux, UNIX

The SSH protocol recommended a method for remote login and remote file transfer which provides confidentiality and security for data exchanged between two server systems. The SSH depends upon the use of public key cryptography. The OpenSSH server offers this kind of setup under Linux or Unix-like system. This how-to covers generating and using ssh public keys for automated usage such as:

  1. Automated Login using the shell scripts
  2. Making backups
  3. Run commands from the shell prompt and more
  4. Login without password

How to: Extract files from ISO CD images in Linux

last updated in Categories Debian Linux, File system, Gentoo Linux, Howto, Linux, RedHat/Fedora Linux, Suse Linux, Sys admin, Tips, Ubuntu Linux

Under many situations you may need to get a single file/many files from Linux ISO image.

You can mount ISO images via the loop device. You need to use mount command. First login as a root user:

Extract File(s) Under Linux OS

Let us assume that your ISO image name is disk1.iso.

Step # 1: First you need to create a directory /mnt/iso

# mkdir /mnt/iso
# mount -o loop disk1.iso /mnt/iso

Step # 3: Extract file

Now you can easily copy file called file.txt from iso disk image to /tmp directory :

# cd /mnt/iso
# cp file.txt /tmp

Step # 4: Copy foo.rpm from ISO disk image:

# cd /mnt/iso/RedHat/RPMS
# cp foo.rpm /tmp 

Extract File(s) Under Windows XP or Vista Os

Windows do not have in built capability as provided by Linux to extract file. Luckly many third party software exist my favorite is Winimage http://www.winimage.com/. Download trial version (I’m sure you will love to registered this tiny utility later):

1) Install Winimage software

2) Just double click on Linux ISO file

3) Select the desired file and hit CTRL + X (or from Image menu select extract)

For more information read man pages:

man cp
man mv
man rpm
man mount
man mkdir

How to mount remote windows partition (windows share) under Linux

last updated in Categories CentOS, File system, Howto, Linux, RedHat/Fedora Linux, Suse Linux, Sys admin, Tip of the day, Ubuntu Linux, UNIX, Windows, Windows server

All files accessible in a Linux (and UNIX) system are arranged in one big tree, the file hierarchy, rooted at /. These files can be spread out over several devices. The mount command serves to attach the file system found on some device to the big file tree.

Use the mount command to mount remote windows partition or windows share under Linux as follows:

Procedure to mount remote windows partition (NAS share)

1) Make sure you have following information:
==> Windows username and password to access share name
==> Sharename (such as //server/share) or IP address
==> root level access on Linux

2) Login to Linux as a root user (or use su command)

3) Create the required mount point:
# mkdir -p /mnt/ntserver
4) Use the mount command as follows:
# mount -t cifs //ntserver/download -o username=vivek,password=myPassword /mnt/ntserver

Use following command if you are using Old version such as RHEL <=4 or Debian <= 3: # mount -t smbfs -o username=vivek,password=D1W4x9sw //ntserver/download /mnt/ntserver

5) Access Windows 2003/2000/NT share using cd and ls command:
# cd /mnt/ntserver; ls -l
Where,

  • -t smbfs : File system type to be mount (outdated, use cifs)
  • -t cifs : File system type to be mount
  • -o : are options passed to mount command, in this example I had passed two options. First argument is password (vivek) and second argument is password to connect remote windows box
  • //ntserver/download : Windows 2000/NT share name
  • /mnt/ntserver Linux mount point (to access share after mounting)

See also:

Updated for accuracy on Aug-8-2007, 8:19PM.

How to mount an ISO image/file under Linux

last updated in Categories Debian Linux, File system, Howto, Linux, RedHat/Fedora Linux, Suse Linux, Sys admin, Tips, Ubuntu Linux

An ISO image is an archive file (disk image) of an optical disc using a conventional ISO (International Organization for Standardization) format. ISO image files typically have a file extension of .ISO. The name “ISO” comes from the ISO 9660 file system used with CD-ROM or DVD media, but an ISO image can also contain UDF file system because UDF is backward-compatible to ISO 9660. You can mount an ISO file or images via the loop device under Linux. It is possible to specify transfer functions (for encryption/decryption or other purposes) using loop device.