Essential Tools for Managing Debian Based Linux (debian-ubuntu-mint etc etc)
A quick post, here are some tools i use that make me sleep easier at night for managing my Debian based Linux systems that have a interface exposed to the public Internet.
1) Denyhosts -- sudo apt-get install denyhosts -- great python script that blocks users who have failed to login with the correct username or password via ssh by putting their IP address in /etc/deny.hosts -- Also emails you with all the relevant information. (http://denyhosts.sourceforge.net/)
2) apticron -- sudo apt-get install apticron -- Great script that checks for software updates and mails you when updates are available to install (http://packages.debian.org/search?keywords=apticron)
3) etckeeper -- sudo apt-get install etckeeper -- uses a version control system like GIT / Bazaar to provide automatic revisions of the files in /etc. If you make an error when installing or changing a config, backout is much easier with etckeeper (http://kitenet.net/~joey/code/etckeeper/)
4) Tiger -- sudo apt-get install tiger -- runs scheduled security checks on your system and warns you via email of any potential issues. (http://www.nongnu.org/tiger/)
These tools make remote admin a lot safer and you can attend to your system when notified that you NEED to attend to it, rather than checking manually yourself
Thursday, April 08, 2010
Monday, April 05, 2010
A Food Tip
Had some great food and drink over the weekend, I enjoyed the combination so much I thought I would share it online. This combination was served at end of a nice meal, but the final course was so nice it somewhat became the star of the show...plus two of three ingredients are from British Suppliers and all three are modestly priced.
1 x Bottle of taylors 10 year old tawny port slightly chilled - see www.taylor.pt
1 x Portion of Tesco's Finest Mature 'long clawson' Blue Stilton Cheese
1 x Portion Tesco Finest Brie De Meaux
its a classic combination but i was really impressed by both the cheeses and port so much i just had to put something online. The creaminess abrupt flavour of the Stilton cheese and the almost toffee like flavour of the port was a brilliant combination and both are readily available from the high street, the Brie is also a real classic treat, don't miss out.
1 x Bottle of taylors 10 year old tawny port slightly chilled - see www.taylor.pt
1 x Portion of Tesco's Finest Mature 'long clawson' Blue Stilton Cheese
1 x Portion Tesco Finest Brie De Meaux
its a classic combination but i was really impressed by both the cheeses and port so much i just had to put something online. The creaminess abrupt flavour of the Stilton cheese and the almost toffee like flavour of the port was a brilliant combination and both are readily available from the high street, the Brie is also a real classic treat, don't miss out.
1 More Reason Why You gotta Love Linux
I am a linux desktop and server fan, however professionally and socially (for friends and family support) I also have to use Microsoft's operating systems. At home i have one physical Windows XP PC and Virtualized Windows Server 2003, both legal copies i must add.
I have had some very good experiences with Microsoft operating systems, the desktop i used while working for a futures and options exchange performed flawlessly for years running XP on a powerful HP workstation. Also i have a nicely running XP PC @home as previously mentioned. The rules to have a trouble free desktop for Microsoft are pretty much the same as for any other OS.
1# Give the system room to breathe with plenty of RAM
2# Install hardware appropriate to the task at hand IE You don't need to spend £300 on a video card if just need 2d video performance for office productivity
3# Make sure you have a method of obtaining software security updates from your vendor
4# Configure your system to have a firewall enabled and disable unneeded system services to try and keep the bad guys out.
5# Mainly for Microsoft this one, have a good anti virus/malware package installed and updated. For Linux perhaps a good rootkit checker installed.
However for the average home user items 3 and 4 from the list above
Number 3 is where Linux really wins over Microsoft, the best way to explain is why an example.
My home XP PC had not been used for about 3 weeks, use an excellent package called Secunia PSI to track my software updates for the software installed on my XP PC.....why?
Well of course "Microsoft Update" ONLY updates software from Microsoft, any other software updates you have to track yourself, secunia PSI does a fantastic job of this for you and its free for personal use.
However I have to then spend the next 90 minutes updating the following software manually, which requires a restart of the PC for most of the updates
# Java
# Firefox
# Commodo Firewall
# AVG internet security
# open office
# Microsoft Updates
# sandboxie
# malwarebytes anti malware
This is painful and without secunia PSI, i would have to check all the software manually which lets face it 90% of ordinary computer users would not bother with. I am quite proud of the XP install i have, the modest PC spec (1800 Mhz Sempron, 1 gig of ram, ancient MX Nvidia GPU, 160 gig eide disk) runs VERY well, but it takes a great deal of love and computing knowledge to preserve the configuration.
For example
# I use the free version of Winpatrol to stop programs making entries in the registry without my permission.
# I use comodo firewall to replace the basic microsoft firewall
# I use opendns to prevent the browsers going anywhere near websites that may carry drive-by browsing malware payloads. Mainly by fat finger url mistakes
# I use threatfire to protect as best i can against unpatched software exploits
# I use the free version of AVG to protect against malware and virus attack
# I use Firefox as they seem to plug holes in the browser software quicker than Microsoft, plus i use the noscript add on to protect against javascript exploits.
I visit so many friends and family to fix their systems for free, again and again i see a powerful PC brought to its knees by Windows XP that has not been locked down is not protected adequately. I have a version of Windows 7 on evaluation licence running virtulaized, that seems better but have only been using that a couple of months. But you need to be standard user witouth admin privileged access to be really safe.
however as i satted previously XP does work well when configured and protected well, but its a lot of work to give yourself a chance of an acceptable experience, work that the average user just can't be expected to undertake.
Of course Linux again has to update its software too, but as an example on my Linux PC running debian, i login to root access and type two commands in a terminal (or use the graphic client supplied)
# aptitude update
# aptitude upgrade
This method also updates software from third parties IF you have added the third parties repository to your sources.list file. Whoosh all done, mostly trouble free in 10 years of using Debian or Debian based distros, you only have to restart the system for Kernel updates or other certain updates.
The difference is marked here between Microsoft and Linux, the update method on Linux is a PLEASURE to use, where it be apt-get/aptitude, yum or suse's variant.
I try and convert friends and family to Linux at the desktop, only three people out of around 40 contacts have converted. Mainly fear of something new, the need to run games for their kids/themselves (buy a PS3 or Xbox 360!) or an exiting investment in Microsoft office prevents their conversion to linux. And YES i have to revisit them in 6 months to fix the PC again as they have not followed my advice due to their relative lack of confidence to perform the myriad of tasks needed to protect XP......This is another reason why you gotta love linux....If any of my froends or family read this....PLEASE CONVERT TO LINUX :-)
I have had some very good experiences with Microsoft operating systems, the desktop i used while working for a futures and options exchange performed flawlessly for years running XP on a powerful HP workstation. Also i have a nicely running XP PC @home as previously mentioned. The rules to have a trouble free desktop for Microsoft are pretty much the same as for any other OS.
1# Give the system room to breathe with plenty of RAM
2# Install hardware appropriate to the task at hand IE You don't need to spend £300 on a video card if just need 2d video performance for office productivity
3# Make sure you have a method of obtaining software security updates from your vendor
4# Configure your system to have a firewall enabled and disable unneeded system services to try and keep the bad guys out.
5# Mainly for Microsoft this one, have a good anti virus/malware package installed and updated. For Linux perhaps a good rootkit checker installed.
However for the average home user items 3 and 4 from the list above
Number 3 is where Linux really wins over Microsoft, the best way to explain is why an example.
My home XP PC had not been used for about 3 weeks, use an excellent package called Secunia PSI to track my software updates for the software installed on my XP PC.....why?
Well of course "Microsoft Update" ONLY updates software from Microsoft, any other software updates you have to track yourself, secunia PSI does a fantastic job of this for you and its free for personal use.
However I have to then spend the next 90 minutes updating the following software manually, which requires a restart of the PC for most of the updates
# Java
# Firefox
# Commodo Firewall
# AVG internet security
# open office
# Microsoft Updates
# sandboxie
# malwarebytes anti malware
This is painful and without secunia PSI, i would have to check all the software manually which lets face it 90% of ordinary computer users would not bother with. I am quite proud of the XP install i have, the modest PC spec (1800 Mhz Sempron, 1 gig of ram, ancient MX Nvidia GPU, 160 gig eide disk) runs VERY well, but it takes a great deal of love and computing knowledge to preserve the configuration.
For example
# I use the free version of Winpatrol to stop programs making entries in the registry without my permission.
# I use comodo firewall to replace the basic microsoft firewall
# I use opendns to prevent the browsers going anywhere near websites that may carry drive-by browsing malware payloads. Mainly by fat finger url mistakes
# I use threatfire to protect as best i can against unpatched software exploits
# I use the free version of AVG to protect against malware and virus attack
# I use Firefox as they seem to plug holes in the browser software quicker than Microsoft, plus i use the noscript add on to protect against javascript exploits.
I visit so many friends and family to fix their systems for free, again and again i see a powerful PC brought to its knees by Windows XP that has not been locked down is not protected adequately. I have a version of Windows 7 on evaluation licence running virtulaized, that seems better but have only been using that a couple of months. But you need to be standard user witouth admin privileged access to be really safe.
however as i satted previously XP does work well when configured and protected well, but its a lot of work to give yourself a chance of an acceptable experience, work that the average user just can't be expected to undertake.
Of course Linux again has to update its software too, but as an example on my Linux PC running debian, i login to root access and type two commands in a terminal (or use the graphic client supplied)
# aptitude update
# aptitude upgrade
This method also updates software from third parties IF you have added the third parties repository to your sources.list file. Whoosh all done, mostly trouble free in 10 years of using Debian or Debian based distros, you only have to restart the system for Kernel updates or other certain updates.
The difference is marked here between Microsoft and Linux, the update method on Linux is a PLEASURE to use, where it be apt-get/aptitude, yum or suse's variant.
I try and convert friends and family to Linux at the desktop, only three people out of around 40 contacts have converted. Mainly fear of something new, the need to run games for their kids/themselves (buy a PS3 or Xbox 360!) or an exiting investment in Microsoft office prevents their conversion to linux. And YES i have to revisit them in 6 months to fix the PC again as they have not followed my advice due to their relative lack of confidence to perform the myriad of tasks needed to protect XP......This is another reason why you gotta love linux....If any of my froends or family read this....PLEASE CONVERT TO LINUX :-)
Subscribe to:
Posts (Atom)
Posts
