Linux Kernel Security (SELinux vs AppArmor vs Grsecurity)

Posted on in Categories CentOS, Debian Linux, fedora linux, Gentoo Linux, GNU/Open source, Linux, Linux distribution, Networking, RedHat/Fedora Linux, Security, Slackware, Suse Linux, Ubuntu Linux last updated May 27, 2009

Linux kernel is the central component of Linux operating systems. It is responsible for managing the system’s resources, the communication between hardware and software and security. Kernel play a critical role in supporting security at higher levels. Unfortunately, stock kernel is not secured out of box. There are some important Linux kernel patches to secure your box. They differ significantly in how they are administered and how they integrate into the system. They also allow for easy control of access between processes and objects, processes and other processes, and objects and other objects. The following pros and cons list is based upon my personal experience.

Lighttpd mod_rrdtool: Monitor The Load, Requests Per Seconds and Traffic

Posted on in Categories CentOS, Debian Linux, fedora linux, Hardware, Howto, lighttpd, Linux, Monitoring, RedHat/Fedora Linux, Ubuntu Linux last updated May 23, 2009

The round-robin database tool aims to handle time-series data like network bandwidth, temperatures, CPU load etc. The data gets stored in round-robin database so that system storage footprint remains constant over time. Lighttpd comes with mod_rrdtool to monitor the server load and other details. This is useful for debugging and tuning lighttpd / fastcgi server performance.

Download of the day: Ubuntu Linux 9.04 CD / DVD ISO

Posted on in Categories Download of the day, GNU/Open source, Linux desktop, Linux distribution, Ubuntu Linux last updated April 24, 2009

Ubuntu Linux 9.04 has been released and available for download ( jump to download link ). Ubuntu Linux is a community-based Linux distribution. The latest release of Ubuntu brings the best open source technologies together on one platform, with the benefit of free updates for 18 months. Also announced were the simultaneous releases of Ubuntu 9.04 Server Edition and Ubuntu 9.04 Netbook Remix (UNR).

Lighttpd Install mod_geoip For Country / City Level Geo Targeting

Posted on in Categories CentOS, Debian Linux, FreeBSD, Gentoo Linux, Howto, lighttpd, Linux, Networking, package management, RedHat/Fedora Linux, Suse Linux, Ubuntu Linux, UNIX last updated March 29, 2009

Geolocation software is used to get the geographic location of visitor using IP address. You can determine country, organization and guess visitors location. This is useful for:

a] Fraud detection.

b] Geo marketing and ad serving.

c] Target content.

d] Spam fighting.

e] And much more.

mod_geoip is a Lighttpd module for fast ip/location lookups. In this tutorial you will learn about mod_geoip installation and php server side examples to determine visitors country.

Tips To Protect Linux Servers Physical Console Access

Posted on in Categories Debian Linux, Hardware, Howto, Kde, Linux, Linux desktop, Linux distribution, package management, RedHat/Fedora Linux, Sys admin, Tips, Ubuntu Linux last updated March 12, 2009

This is an user contributed article.

Linux computer console is a physical device to operate a computer / server. Here are few steps which, if taken, make it more difficult for an attacker to quickly modify a system from its console.

Dealing with Recession – Saving Money With Free and Open Source Software

Posted on in Categories Debian Linux, Howto, Linux, Linux desktop, News, RedHat/Fedora Linux, Ubuntu Linux last updated March 2, 2009

According to wikipedia – “An economy which grows over a period of time tends to slow down the growth as a part of the normal economic cycle. An economy typically expands for 6-10 years and tends to go into a recession for about six months to 2 years”. The current defaults on homeloan have led to a major crisis in the US. Once recession started consumers lose confidence in the growth of the economy and spend less including technology and software. Is free and open source software (FOSS) a way to cut business costs? As concern about recession – even depression – deepens, more and more companies are asking this question. However, many have trouble knowing how to begin to find an answer.

Security Through Obscurity: MAC Address Filtering ( Layer 2 Filtering )

Posted on in Categories data center, fedora linux, FreeBSD, Gentoo Linux, GNU/Open source, Hardware, Iptables, Linux, Networking, RedHat/Fedora Linux, Security, Ubuntu Linux, UNIX, Windows, windows vista, Wireless networking last updated February 17, 2009

MAC Filtering (layer 2 address filtering) refers to a security access control methodology whereby the 48-bit address assigned to each network card is used to determine access to the network. Iptables, pf, and IPFW can block a certain MAC address on a network, just like an IP. One can deny or allow from MAC address like 00:1e:2a:47:42:8d using open source firewalls. MAC address filtering is often used to secure LAN or wireless network / devices. Is this technique effective?

Debunking the "Linux is virus free" Myth

Posted on in Categories Debian Linux, Howto, Linux, Linux desktop, RedHat/Fedora Linux, Security, Shell scripting, Ubuntu Linux, Windows, windows vista last updated February 11, 2009

Is Linux is virus free? The author of foobar blog provides some insight about the same. Linux users can’t just catch a virus by email or downloading malware from the Internet, contrary to “those Windows users”. From the foobar blog post:

Then you save an email attachment under Linux, the execute flag is normally NOT set and thus, the file can’t be executed just by clicking on it. So, no luck?