Securing your Linux server is important to protect your data, intellectual property, and time, from the hands of crackers (hackers). The system administrator is responsible for security Linux box. In this first part of a Linux server security series, I will provide 40 hardening tips for default installation of Linux system.
The latest version of the popular Linux desktop distribution Ubuntu 9.10 has been released and available from the official project web site. New features since Ubuntu 9.04 includes – Firefox 3.5, GNOME 2.28, an enforcing AppArmor profile, Linux kernel 2.6.31, ext4 file system (default), Empathy instant messenger instead of Pidgin, the Ubuntu One client, which interfaces with Canonical’s new on-line storage system. It also includes a new application called the Ubuntu Software Center. A quick screen-shot tour of new features available here on our website.
Internet has revolutionized the way online users can shop and avail banking services like internet Banking from anywhere, anytime without visiting bank. But, how safe is your money with online net-banking which allows to carry out money transfer? Companies and in some case individuals lost anywhere from $10,000 to $500,000 dollars because of a single malware infection. The cyber crooks are targeting innocent MS-Windows user. If you are concerned about how best to protect yourself from this type of fraud, use Linux LiveCD for online banking and avoid Microsoft Windows at all cost.
Celestia is a real-time visual space simulation astronomy program. It is a cross platform, open source software and released under the GNU General Public License. NASA and ESA have used Celestia in their educational and for interfacing to trajectory analysis software. It allows users to travel through an extensive universe, modeled after reality, at any speed, in any direction and at any time in history. Celestia displays and interacts with objects ranging in scale from artificial satellites to entire galaxies in three dimensions using OpenGL. It is a perfect software for astronomer, educator, student, and teacher for astronomy purpose.
OpenSSH is the implementation of the SSH protocol. OpenSSH is recommended for remote login, making backups, remote file transfer via scp or sftp, and much more. SSH is perfect to keep confidentiality and integrity for data exchanged between two networks and systems. However, the main advantage is server authentication, through the use of public key cryptography. From time to time there are rumors about OpenSSH zero day exploit. This page shows how to secure your OpenSSH server running on a Linux or Unix-like system to improve sshd security.
If you do not control or throttle end users, your server may run out of resources. Spammers, abuser and badly written bots can eat up all your bandwidth. A webserver must keep an eye on connections and limit connections per second. This is serving 101. The default is no limit. Lighttpd can limit the throughput for each single connection (per IP) or for all connections. You also need to a use firewall to limit connections per second. In this article I will cover firewall and lighttpd web server settings to throttle end users. The firewall settings can be applied to other web servers such as Apache / Nginx and IIS server behind PF / netfilter based firewall.
I’ve Windows Vista installed as a guest under Ubuntu Linux using VMWARE Workstation 6.0. This is done for testing purpose and browsing a few site that only works with Internet Explorer. Since I only use it for testing I made 16GB for Vista and 5GB for CentOS and 5GB in size for FreeBSD guest operating systems. However, after some time I realized I’m running out of disk space under both CentOS and Vista. Adding a second hard drive under CentOS solved my problem as LVM was already in use. Unfortunately, I needed to double 32GB space without creating a new D: drive under Windows Vista. Here is a simple procedure to increase your Virtual machine’s disk capacity by resizing vmware vmdk file.
OpenOffice.org (OOo) is a freely available, full-featured office suite. OOo is both a software product and a community of volunteers that produces and supports the software. However, new users may get lost while finding help, support and productivity enhancing extensions. This blog post covers OOo new user orientation to to discover support, tutorials, community insights, templates, clip art, extensions, and blogs for OOo.
The Blue Screen of Death (BSoD) is used for the error screen displayed by Microsoft Windows, after encountering a critical system. Linux / UNIX like operating system may get a kernel panic. It is just like BSoD. The BSoD and a kernel panic generated using a Machine Check Exception (MCE). MCE is nothing but feature of AMD / Intel 64 bit systems which is used to detect an unrecoverable hardware problem.
Program such mcelog decodes machine check events (hardware errors) on x86-64 machines running a 64-bit Linux kernel. It should be run regularly as a cron job on any x86-64 Linux system. This is useful for predicting server hardware failure before actual server crash.