Feeds:
Posts
Comments

Archive for September, 2007

There are a lot of choices you can use to protect your system. Just use standard installation command to install it.

For example, you if want to install Lokkit, just use apt-get install command. Make sure you have the ‘universe‘ componet enabled in your repository.

taufanlubis@zyrex:~$ sudo apt-get install lokkit


Security tools for Ubuntu:

shorewall – Shoreline Firewall (Shorewall), a high-level tool for configuring Netfilter

arno-iptables-firewall – Single- and multi-homed firewall script with DSL/ADSL support

arptables – ARP table administration

ebtables – Ethernet bridge frame table administration

fail2ban – bans IPs that cause multiple authentication errors

ferm – maintain and setup complicated firewall rules

fiaif – An easy to use, yet complex firewall

filtergen – packet filter generator for various firewall systems

firehol – An easy to use but powerful iptables stateful firewall

fprobe-ulog – export captured traffic to remote NetFlow Collector (ULOG version)

fwanalog – firewall log-file report generator (using analog)

fwlogwatch – Firewall log analyzer

gnome-lokkit – basic interactive firewall configuration tool (GNOME interface)

guarddog – firewall configuration utility for KDE

guidedog – NAT/masquerading/port-forwarding configuration tool for KDE

ipac-ng – IP Accounting for iptables (kernel >=2.4)

ipkungfu – iptables-based Linux firewall

ipset – administration tool for kernel IP sets

iptstate – Top-like state for netfilter/iptables

kmyfirewall – iptables based firewall configuration tool for KDE

knetfilter – GUI for configuring the 2.4 kernel IP Tables

libabz0 – Miscellaneous useful routines

libiptables-ipv4-ipqueue-perl – Perl extension for libipq

lokkit – basic interactive firewall configuration tool (console interface)

netscript-2.4 – Linux 2.4.x (and 2.6.x) router/firewall network configuration system

netstat-nat – A tool that display NAT connections

openvpn – Virtual Private Network daemon

p3scan – transparent POP3-proxy with virus- and spam-scanning

psad – The Port Scan Attack Detector

pyroman – Firewall configuration tool for complex networks

reaim – Enable AIM and MSN file transfer on Linux iptables based NAT

shorewall-doc – documentation for Shorewall firewall

shorewall-lite – Shorewall (lite version), a high-level tool for configuring Netfilter

uif – Advanced iptables-firewall script

ulogd – The Netfilter Userspace Logging Daemon

uruk – Very small firewall script, for configuring iptables

wflogs – The modular firewall log analyzer of the WallFire project

fireflier-client-gtk – Interactive firewall rule creation tool – GTK client

fireflier-client-kde – Interactive firewall rule creation tool – QT client

fireflier-client-qt – Interactive firewall rule creation tool – QT client

fireflier-server – Interactive firewall rule creation tool – server

iptables – administration tools for packet filtering and NAT

iptables-dev – development files for iptable’s libipq and libiptc

Read Full Post »

I have 2 Operating Systems in my Laptop, Windows XP and Ubuntu Feisty. I separated the harddisk into 4 partitions.

  • Windows XP (NTFS format)

  • Ubuntu Feisty (Ext3 format)

  • WinLinux Data (Fat32)

  • Linux Swap (for linux swap file)

If you want to run both of it, you have to install XP first and Ubuntu after.

After the installation, you will have a ‘Ubuntu Grub Loader‘ to replace ‘Windows Boot Loader‘ at MBR (Master Boot Record).

 

The problem is, if you re-install your XP, the ‘Ubuntu Grub Loader’ in MBR will be overwrite. You can’t go to Ubuntu anymore. I’ve faced this problem before that made me almost re-install my Ubuntu.

Don’t try to recover it from XP, using ‘Norton Partition Magic’. You will can not boot your both OS after. I’ve done it before.

I’ve tried also using Linux System Rescue CD to setup LILO at MBR for temporary replace the Ubuntu Grub. I failed.

 

Actually, there is an easy way to recover the problem. Just use your Ubuntu Desktop/Live CD.

 

1. Boot the your machine with Live CD.

2. Open a terminal

(Application > Accessories > Terminal or type ‘Alt-F2′ and type ‘xterm’)

3. Start grub as root.

$sudo grub <enter>

4. Check your boot partition

grub> find /boot/grub/stage1 <Enter>

(hd0,3)

Note: Result (hd0,3) Harddisk 1, partition 3 (you may have more than 1 HD)

5. Fix your partition

grub > root (hd0,3) <Enter>

6. Setup grub at MBR

grub> setup (hd0,3) <Enter>

Checking if “/boot/grub/stage1” exists… yes

Checking if “/boot/grub/stage2” exists… yes

Checking if “/boot/grub/e2fs_stage1_5” exists… yes

Running “embed /boot/grub/e2fs_stage_5 (hd0)”… 17 sectors are embedded

succeeded

Running “install /boot/grub/stage1 (hd0)

(hd0)1+17 p (hd0,3)/boot/grub/stage2

/boot/grub/menu.lst”… succeded

Done

 

grub>

grub> quit <Enter>

7. Reboot and take out your CD live. If everything is fine, you will get your Ubuntu bootloader again.

Happy trying…..

Read Full Post »

Each manual page has a short description available within it. ‘whatis’

searches the manual page names and displays the manual page descriptions of any name matched.

 

taufanlubis@zyrex:~$ whatis ls

ls (1) – list directory contents

taufanlubis@zyrex:~$ whatis man

man (1) – an interface to the on-line reference manuals

man (7) – macros to format man pages

taufanlubis@zyrex:~$ whatis whatis

whatis (1) – display manual page descriptions

taufanlubis@zyrex:~$

Read Full Post »

Batery of my laptop is getting bad. It can save 5% only. The problem is, message says: “Your battery is now fully charged” always displayed. You can not disable it from System > Preferences > Power Management.

You have to do it through “Configuration Editor”.

There are 5 notifications:

AC Adapter Unplugged -> /apps/gnome-power-manager/notify_ac_adapter

Fully Charged -> /apps/gnome-power-manager/notify_fully_charged

Power Low

Power Critical

Suspend Failure

 

To activate it, just type,

taufanlubis@zyrex:~$ sudo gconf-editor

Then you will get a ‘configuration editor screen’.

  • On the left ‘list box’, choose ‘gnome-power-manager‘.

  • On the right ‘list box’, choose ‘notify_fully_charged‘ then remove the mark on the value.

 

 

 

 

 

 

 

Read Full Post »

Make sure your repository is correct and if you have firewall, your port 80 (http) and port 53 (dns) is open.

taufanlubis@zyrex:~$ cat /etc/apt/sources.list
## Repository from Main Server

deb http://archive.ubuntu.com/ubuntu/ feisty main universe multiverse restricted
deb-src http://archive.ubuntu.com/ubuntu/ feisty main universe multiverse restricted #Added by software-properties
deb http://security.ubuntu.com/ubuntu/ feisty-security universe main multiverse restricted
deb-src http://security.ubuntu.com/ubuntu/ feisty-security universe main multiverse restricted #Added by software-properties
deb http://archive.ubuntu.com/ubuntu/ feisty-updates universe main multiverse restricted
deb-src http://archive.ubuntu.com/ubuntu/ feisty-updates universe main multiverse restricted #Added by software-properties
deb http://archive.ubuntu.com/ubuntu/ feisty-proposed universe main multiverse restricted
deb-src http://archive.ubuntu.com/ubuntu/ feisty-proposed universe main multiverse restricted #Added by software-properties
deb http://archive.ubuntu.com/ubuntu/ feisty-backports universe main multiverse restricted
deb-src http://archive.ubuntu.com/ubuntu/ feisty-backports universe main multiverse restricted #Added by software-properties

 

First, update your repository list.

taufanlubis@zyrex:~$ sudo apt-get update

Password:

Get:1 http://security.ubuntu.com feisty-security Release.gpg [191B]

Ign http://security.ubuntu.com feisty-security/universe Translation-en_US

Get:2 http://archive.ubuntu.com feisty Release.gpg [191B]

Ign http://archive.ubuntu.com feisty/main Translation-en_US

Ign http://security.ubuntu.com feisty-security/main Translation-en_US

Ign http://security.ubuntu.com feisty-security/multiverse Translation-en_US

Ign http://security.ubuntu.com feisty-security/restricted Translation-en_US

Hit http://security.ubuntu.com feisty-security Release

Ign http://archive.ubuntu.com feisty/universe Translation-en_US

Ign http://archive.ubuntu.com feisty/multiverse Translation-en_US

Ign http://archive.ubuntu.com feisty/restricted Translation-en_US

Get:3 http://archive.ubuntu.com feisty-updates Release.gpg [191B]

Ign http://archive.ubuntu.com feisty-updates/universe Translation-en_US

Ign http://archive.ubuntu.com feisty-updates/main Translation-en_US

Ign http://archive.ubuntu.com feisty-updates/multiverse Translation-en_US

Ign http://archive.ubuntu.com feisty-updates/restricted Translation-en_US

Get:4 http://archive.ubuntu.com feisty-proposed Release.gpg [191B]

Hit http://security.ubuntu.com feisty-security/universe Packages

Ign http://archive.ubuntu.com feisty-proposed/universe Translation-en_US

Ign http://archive.ubuntu.com feisty-proposed/main Translation-en_US

Hit http://security.ubuntu.com feisty-security/main Packages

Hit http://security.ubuntu.com feisty-security/multiverse Packages

Hit http://security.ubuntu.com feisty-security/restricted Packages

Ign http://archive.ubuntu.com feisty-proposed/multiverse Translation-en_US

Ign http://archive.ubuntu.com feisty-proposed/restricted Translation-en_US

Get:5 http://archive.ubuntu.com feisty-backports Release.gpg [191B]

Ign http://archive.ubuntu.com feisty-backports/universe Translation-en_US

Ign http://archive.ubuntu.com feisty-backports/main Translation-en_US

Ign http://archive.ubuntu.com feisty-backports/multiverse Translation-en_US

Ign http://archive.ubuntu.com feisty-backports/restricted Translation-en_US

Hit http://archive.ubuntu.com feisty Release

Hit http://security.ubuntu.com feisty-security/universe Sources

Hit http://security.ubuntu.com feisty-security/main Sources

Hit http://security.ubuntu.com feisty-security/multiverse Sources

Hit http://security.ubuntu.com feisty-security/restricted Sources

Hit http://archive.ubuntu.com feisty-updates Release

Hit http://archive.ubuntu.com feisty-proposed Release

Hit http://archive.ubuntu.com feisty-backports Release

Hit http://archive.ubuntu.com feisty/main Packages

Hit http://archive.ubuntu.com feisty/universe Packages

Hit http://archive.ubuntu.com feisty/multiverse Packages

Hit http://archive.ubuntu.com feisty/restricted Packages

Hit http://archive.ubuntu.com feisty/main Sources

Hit http://archive.ubuntu.com feisty/universe Sources

Hit http://archive.ubuntu.com feisty/multiverse Sources

Hit http://archive.ubuntu.com feisty/restricted Sources

Hit http://archive.ubuntu.com feisty-updates/universe Packages

Hit http://archive.ubuntu.com feisty-updates/main Packages

Hit http://archive.ubuntu.com feisty-updates/multiverse Packages

Hit http://archive.ubuntu.com feisty-updates/restricted Packages

Hit http://archive.ubuntu.com feisty-updates/universe Sources

Hit http://archive.ubuntu.com feisty-updates/main Sources

Hit http://archive.ubuntu.com feisty-updates/multiverse Sources

Hit http://archive.ubuntu.com feisty-updates/restricted Sources

Hit http://archive.ubuntu.com feisty-proposed/universe Packages

Hit http://archive.ubuntu.com feisty-proposed/main Packages

Hit http://archive.ubuntu.com feisty-proposed/multiverse Packages

Hit http://archive.ubuntu.com feisty-proposed/restricted Packages

Hit http://archive.ubuntu.com feisty-proposed/universe Sources

Hit http://archive.ubuntu.com feisty-proposed/main Sources

Hit http://archive.ubuntu.com feisty-proposed/multiverse Sources

Hit http://archive.ubuntu.com feisty-proposed/restricted Sources

Hit http://archive.ubuntu.com feisty-backports/universe Packages

Hit http://archive.ubuntu.com feisty-backports/main Packages

Hit http://archive.ubuntu.com feisty-backports/multiverse Packages

Hit http://archive.ubuntu.com feisty-backports/restricted Packages

Hit http://archive.ubuntu.com feisty-backports/universe Sources

Hit http://archive.ubuntu.com feisty-backports/main Sources

Hit http://archive.ubuntu.com feisty-backports/multiverse Sources

Hit http://archive.ubuntu.com feisty-backports/restricted Sources

Fetched 5B in 4s (1B/s)

Reading package lists… Done

 

Second, upgrade all your installed applications.

taufanlubis@zyrex:~$ sudo apt-get upgrade

Reading package lists… Done

Building dependency tree

Reading state information… Done

0 upgraded, 0 newly installed, 0 to remove and 0 not upgraded.

 

Third, upgrade your distro.

taufanlubis@zyrex:~$ sudo apt-get dist-upgrade

Reading package lists… Done

Building dependency tree

Reading state information… Done

Calculating upgrade… Done

0 upgraded, 0 newly installed, 0 to remove and 0 not upgraded.

taufanlubis@zyrex:~$

Now, all your installed applications and distro have already updated.

Read Full Post »

Linux Operating System has a number of built-in protection mechanism. You can activate it by modifying the system kernel parameters in the /proc filesystem via the /etc/sysctl.conf file.

taufanlubis@zyrex:/etc$ sudo gedit sysctl.conf

Just, remove the ‘#’ to activate the parameters

 

Content of sysctl.conf:

#

# /etc/sysctl.conf – Configuration file for setting system variables

# See sysctl.conf (5) for information.

#

 

#kernel.domainname = example.com

#net/ipv4/icmp_echo_ignore_broadcasts=1

 

# the following stops low-level messages on console

kernel.printk = 4 4 1 7

##############################################################

# Functions previously found in netbase

#

 

# Uncomment the next line to enable Spoof protection (reverse-path filter)

#net.ipv4.conf.default.rp_filter=1

 

# Uncomment the next line to enable TCP/IP SYN cookies

#net.ipv4.tcp_syncookies=1

 

# Uncomment the next line to enable packet forwarding for IPv4

#net.ipv4.conf.default.forwarding=1

 

# Uncomment the next line to enable packet forwarding for IPv6

#net.ipv6.conf.default.forwarding=1

 

A bit explanation to make it more clear.

 

Disable routing triangulation. Respond to queries out the same interface, not another.

Help to maintain state. Also protects againts IP spoofing

net.ipv4.conf.default.rp_filter=1

Turn on protection from Denial of Service (DOS) attacks

net.ipv4.tcp_syncookies=1

 

Enable IP routing. Required if your firewall is protecting a network, NAT included.

net.ipv4.conf.default.forwarding=1

 

Disable responding to ping broadcasts.

net/ipv4/icmp_echo_ignore_broadcasts=1

Read Full Post »

I realized this thing when I got problem with my laptop’s cooling fans. I use both XP and Ubuntu. And for your information, I still use Pentium IV. The problem was the air tunnel was dirty, so the air circulation was not maximum.

 

When I used XP, I still can work for hours even with heavy programs.

When I worked with Ubuntu, I only can work for max 30 minutes. Especially, when I open few programs.

I could see from the temperatur indicator in Ubuntu Panel. It increased bit slowly until it automatically turn off.

Does Ubuntu need more source of CPU compare to windows XP?

 

I don’t think so. What I think is, in windows, all devices are supported with its original driver. Mean, all devices could work efficiently and use all its capability.

When, I work with Ubuntu, all devices worked with standard driver. Of course, it will need more sources from the CPU.

Well, that’s only what I think.

Do you think the same think with what I think?

 

 

Read Full Post »

« Newer Posts - Older Posts »

Follow

Get every new post delivered to your Inbox.

Join 72 other followers