| by Scott Kilroy

Upgrading ubuntu 18.10 to ubuntu 19.04

Ubuntu 19.04 will be supported for 9 months until January 2020. If you need Long Term Support, it is recommended you use Ubuntu 18.04 LTS instead. (…) © ruchi for Ubuntu Geek, 2019.


10 Reasons To Change Windows For Linux In 2019

Probably many have already heard about the growing opposition of these two operating systems. The most popular Windows is gradually losing ground in the face of free software — GNU / Linux. Is this justified? Of course, I am not talking about the redis…


Getting copy and paste to work in vncserver


Stop image hotlinking on NGINX

If you think it’s possible that someone is linking to images hosted on your site, add the following to your nginx config file:

    # Stop deep linking or hot linking
    location /images/ {
        valid_referers none blocked www.linuxconsultant.org linuxconsultant.org;
        if ($invalid_referer) {
            return 403;
        }
    }

Or if you want to be a wiseguy and replace the hotlinked image with something else:

    # Stop deep linking or hot linking
    location /images/ {
        valid_referers none blocked www.linuxconsultant.org linuxconsultant.org;
        if ($invalid_referer) {
            return […]


Linux For A Slow Laptop

There are old laptops in each house that can no longer function fully. Using standard operating systems, for example, Windows or Linux becomes almost impossible. However, you can still use the old laptop effectively. Now many distri…


Addressing Security Issues on Linux Home Computers

Linux is known for being a safe and secure operating system, but it’s not impervious to attacks. As Linux gains more market share and becomes an option that large companies choose for their systems, malware creators turn their attention to creating cod…


9 Best Linux-Based Security Tools

Information security specialists and sysadmins need to be sure their networks are sealed against malicious attacks. This is why the practice of penetration testing is commonly employed, to sniff out security vulnerabilities before malicious hackers do. Home Linux users should also be wary about the security of their systems. There is a huge variety of tools for accomplishing this, but some stand out in the industry more than others.

In this article, we are going to highlight 9 of the best Linux-based security tools, which every pentester should be familiar with. Note this is only a list of some of the most widely used tools – if you’re interested in the latest security news, you can regularly read this website, which covers a lot of great infosec topics. Most of the tools on this list are also bundled with Kali Linux (specially designed for information security professionals, but not for home users or Linux newbies), but you can check out this literally massive list of all things related to hardware, security, programming, and other computer-related fields of interest to infosec people.


Nmap

Nmap is one of the most popular tools for network mapping. It can discover active hosts within a network and offers a wide range of other detection features. Nmap has functions for host discovery, port scanning, OS detection, application version detection, and other scripting interactions.

Nmap is great for both beginners and veterans alike, and is compatible with a wide range of operating systems, including most of the popular Linux distros.

UnicornScan

Unicornscan is an infosec tool used for data correlation and information gathering. Basically, it offers complex, asynchronous TCP and UDP scanning, which is useful for finding remote hosts. Furthermore, it can reveal the software driving the hosts.

Unicornscan also features TCP banner detection, custom data sets, SQL relationship output, and a handful of other functions useful to the cause.

Fierce

While similar in function to Nmap and Unicornscan, Fierce is more useful for corporate network scanning. As a network mapper and port scanner, Fierce is able to discover non-contiguous IP space, and hostnames on the network.

Fierce can be used to run tests against a selected domain, allowing you to garner valuable information. It can change DNS servers for reverse lookups, scan entire IP ranges and Class C networks, and use brute force methods with custom dictionaries.

THC Hydra

An explicit brute force hacking tool, THC Hydra is used for brute force cracking remote authentication services. It supports over 50 protocols, including CVS, FTP, HTTP/S, IMAP, IRC, LDAP, MS-SQL, and obviously many more. As an infosec tool, it is incredibly useful for testing network password security – though of course, it is a favourite of blackhat hackers as well.

THC Hydra can launch parallel brute force attacks, and is considered one of the fastest tools for the job. It also supports custom modules, and is available for a wide range of operating systems.

John the Ripper

As a multi-platform cryptography testing tool, John the Ripper allows sysadmins to simulate brute force attacks on a network. Its main strength is in its ability to test encryptions such as SHA-1, DES, Windows LM hashes, and many others commonly found on Unix systems.

John the Ripper will also automatically change decryption methods, depending on the algorithms it detects. Aside from dictionary-based brute force attacks, the tool can also allow you to define custom letters, run automatically with crons, and it is compatible with most operating systems and architectures.

Kismet Wireless

Kismet Wireless is a tool for analyzing and sniffing wireless LAN networks, as well as for intrusion detection. It is compatible with nearly all types of network cards, and the sniffing mode can work on 802.11a/b/g/n.

It can scan for wireless encryption levels on any given AP, allows for channel hopping, and has a network logging feature. Additionally, the tool can run natively on Windows, Linux, and various BSD systems.

Metasploit Framework

Infosec specialists familiar with the Ruby programming language should highly appreciate Metasploit Framework, being a Ruby-based tool. It is used for the development and execution of exploit attacks against remote targets. It’s also extremely powerful with a ton of features.

Metasploit Framework is able to evade detection on remote hosts, for starters. Secondly, it offers network enumeration and discovery, can work from msfconsole, and can scrape data. It is available for Windows and Linux.

Netcat

As a network exploration tool, Netcat is fairly popular in the infosec and sysadmin industries. Its primary function is checking inbound and outbound network data, as well as port exploration. This sounds simple, but its potential is unlocked when used in combination with Perl, C, and bash scripts.

Netcat features TCP/UDP port analysis, reverse and forward DNS analysis, a UDP/TCP tunneling mode, and more. There are also forks of the tool which have additional features, for example OpenBSD Netcat, which has TLS support.

OpenVAS

From the same development team that wrote the famous Nessus tool, OpenVAS is a fairly powerful pentest tool. It’s more like a toolbox, rather than an individual tool. It comes with over 50 network vulnerability tests, and you can write your own security plugins to the platform. Basically, it can scan anything you can dream of related to network vulnerabilities.

Some of OpenVAS's primary features include simultaneous host discovery, full integration with SQL databases, results exporting in various formats, and the OpenVAS Transfer Protocol. It is available for Linux and Windows.


This post is written by Robert Dale


Linux Backup Types Explained and Best Practices

In today’s technical world, the importance of Linux seems to be increasing. There are innumerable reasons behind this popularity, including stability, box security, rock-solid reliability, and much more. If you are a freshly minted Linux administrator, one of the primary challenges in front of you will be implementing a dependable and reliable backup system.

Whether you use bootable flash drives for this task or any other sturdy place, the importance of backup cannot be denied. Considering the number of options available out there, selecting one can be quite an overwhelming process. Having said that, here are some of the best backup types that you can try out.


Linux Backup Types

Full Backups

Just as the name suggests, a full backup is the kind of backup in which every file and folder on the system is backed up. If the backed-up data doesn’t change, every full backup created will be the same. Generally, a full backup takes a lot of time and also requires more space than other kinds of backups. However, restoring data from a full backup is comparatively faster.

Certain Linux admins, by default, do a full backup of smaller data sets or folders that won’t consume a lot of storage space. Even if you wish to run full backups for the entire data set without compromising on space, you can schedule this task for periodic execution. However, one of the major problems with this type of backup is the long gap between backups, which can pose a great risk to the data.

Advantages:

  • Centralized in one backup set
  • Readily available data
  • Easy to manage version control

Disadvantages:

  • Slower backup operations
  • Require more storage space
  • Inefficient use of resources

Incremental Backups

Incremental backups record all data that has changed since you last performed a backup, whether it was incremental or full. For instance, if you executed a full backup on Monday evening, you can perform an incremental backup on Wednesday evening to target all the files that were changed since the first time.

And then, on Friday, you can execute a job that copies every change made since Wednesday, and so on. Simply put, this incremental backup method generates a backup chain, and these backups are arranged in order from the starting point.

Advantages:

  • Less space consumption
  • Faster backup operations and leaner backup images
  • Create multiple versions of the same file

Disadvantages:

  • Slower recovery operations
  • Require search to individual backup file
  • Initial full backup and all incremental backups would be required for full recovery of backup

Differential Backups

Differential backups, the third type, record every change made since you last executed a full backup. Let’s assume you ran a full backup on a Monday night. Then, the following Wednesday, you run a differential backup to record all the changes made since Monday’s backup. The backup that you execute on Friday will again only record changes made since Monday night.

Likewise, this cycle will keep running until you execute your next full backup. Generally, differential backups are popularly called the middle ground between full backups and incremental backups.

Advantages:

  • Efficient use of storage space
  • Faster backup operations in comparison with full backups
  • Faster recovery operation in comparison with incremental backups

Disadvantages:

  • Slower backup process than incremental backups
  • Slower recovery process than full backups
  • Initial full backup and all differential backups would be required for full recovery of backup
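
The Monday/Wednesday/Friday schedule from the incremental and differential sections, worked through as an added example (not code from the original article). It builds both chains, restores Friday's state from each, and checks every restore against a SHA-256 manifest, including an incremental chain with Wednesday's set missing. The in-memory file trees and the names `take_backup`, `restore` and `verify` are hypothetical, constructed for illustration.

```python
import hashlib

def manifest(tree):
    """Map each path to the SHA-256 of its content."""
    return {p: hashlib.sha256(data).hexdigest() for p, data in tree.items()}

def take_backup(tree, baseline):
    """Store files new or changed relative to `baseline` (a manifest) plus paths
    deleted since then. An empty baseline produces a full backup."""
    now = manifest(tree)
    files = {p: tree[p] for p in tree if baseline.get(p) != now[p]}
    return {"files": files, "deleted": set(baseline) - set(now), "manifest": now}

def restore(chain):
    """Replay backup sets oldest-first to rebuild the tree."""
    tree = {}
    for backup in chain:
        for path in backup["deleted"]:
            tree.pop(path, None)
        tree.update(backup["files"])
    return tree

def verify(chain, expected_manifest):
    """Restore test: does the rebuilt tree hash to the expected manifest?"""
    return manifest(restore(chain)) == expected_manifest

# Constructed sample trees (hypothetical paths and contents), one per backup day.
MON = {"etc/hosts": b"127.0.0.1 localhost\n", "home/a.txt": b"v1", "home/b.txt": b"v1"}
WED = {**MON, "home/a.txt": b"v2", "home/c.txt": b"new"}
FRI = {"etc/hosts": MON["etc/hosts"], "home/a.txt": b"v2", "home/c.txt": b"edited"}

def run_schedule():
    full = take_backup(MON, {})                      # Monday: full
    inc_wed = take_backup(WED, full["manifest"])     # changes since last backup
    inc_fri = take_backup(FRI, inc_wed["manifest"])  # changes since Wednesday
    diff_fri = take_backup(FRI, full["manifest"])    # changes since last full
    return {
        "incremental_chain": [full, inc_wed, inc_fri],
        "differential_chain": [full, diff_fri],
        "friday_set_sizes": {"incremental": len(inc_fri["files"]),
                             "differential": len(diff_fri["files"])},
        "broken_chain_ok": verify([full, inc_fri], manifest(FRI)),
    }

if __name__ == "__main__":
    result = run_schedule()
    for name in ("incremental_chain", "differential_chain"):
        print(name, "restore ok:", verify(result[name], manifest(FRI)))
    print(result["friday_set_sizes"], "broken chain ok:", result["broken_chain_ok"])
```

With Wednesday's incremental set missing, the restore still completes but returns Monday's version of `home/a.txt`; only the manifest comparison reveals the stale file.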

Best Practices for Linux Backup

Planning

While taking a Linux backup, planning is one of the essential factors, and it is the universal best practice for taking a backup. Planning is one such critical stage where you can discover every primary component of the strategy.

From what you are backing up to the kind of database you are selecting, you will have to plan around everything specifically. This stage also covers the kind of backup you are executing and how often you will be doing it. Make sure that you weave the plan carefully so that it integrates into your daily IT operations.

Automation

The next best practice that can provide you with amazing benefits is automation. A majority of significant Linux backup utilities necessitate working from the command line. To give you an example, StorageCraft’s ShadowProtect SPX, custom made for Linux, is a precise instance of how the right set of tools can streamline and automate your backup administration.

SPX lets administrators keep tabs on scheduled backup plans from the inbuilt job timeline feature. It can also restore entire systems to either a virtual environment or any hardware in a matter of a few minutes. This kind of automation is advantageous when it comes to handling daily tasks, specifically those related to disaster recovery. Hence, you can decide on the automation you will use for your backup before executing the process.

Backup Storage Devices

While creating a Linux backup plan, you may have to revisit your storage strategy completely. Although backup software can help you optimize your storage space by compressing files, keeping these copies still takes a lot of storage, which in turn raises the requirement for a sturdy option.

Therefore, you can easily connect your Linux box to an external hard drive or a NAS appliance. If you are choosing a hard drive, finding one with 1TB of space at an affordable price shouldn’t be tough. You can also find NAS devices with multiple TB of space within a certain budget.

Security Challenges

If you are backing up a critical set of data, you have to be completely proactive when it comes to safeguarding it from online risks and threats. If you are sending any kind of data over the internet, it should be encrypted while in transit. Not just that, even if you are storing a backup in local storage, such as a bootable flash drive, put a lock key on it to be extremely sure.

All in all, you would have to ensure that the safety measures are not taken for granted in any given circumstances. In this situation, you can also keep a backup plan.

Backup Protection

Whether you have kept the backup in any of the online platforms or have stored it in a different machine altogether, keeping all of the backup in one place can be counter-intuitive. In case any problem comes up, years of hard work can go up in smoke just like that. This leaves you with two primary options.

You can create backup copies and keep them in different areas and locations. These locations can be divided into online and offline. Or, if you have access to any remote servers, you can use network transfer to keep your backups offsite.

Backup Testing

Surely, there might be nothing as deflating as an attempt that leads to failed data recovery. Looked at from the bright side, this feeling of dreariness and devastation can easily go away if you perform routine testing of your backups. Although automation is a good option to cut down the tedious processes, there are certain responsibilities you cannot let go of.

If you think that your data was worth backing up and storing on any tape, disc, or server, you must also check it now and then to ensure its accuracy. It will give you peace of mind that your data is secured.

Conclusion

The backup menu of Linux surely comes with a gamut of interesting options. While some admins may want to choose their own robust app and tailor their systems, others might go with a third-party recovery solution.

Regardless of what you are selecting, make sure that you are streamlining everything and ensuring no space for disasters or mistakes. Since choices vary based on requirements, you may not find any wrong or right backup plan. So, figure out the kind of backup you require and plan the strategy accordingly to save time, budget, and expertise. After all, something is better than nothing.


Author Bio: Poonam Srinivasan is the Technical Editor of wiki.meramaal.com. Poonam has had a passion for helping people solve all their technology-related problems for the last 4 years. She previously worked as a freelance Network Engineer.
