The upstream openssh project sets the value ServerKeyBits to 1024, but Debian and Ubuntu currently unfortunately have a lower security setting of 768 bits. I’ve filed a bug to fix this. In the meantime, here is how to make that change now!
Full article here:
Debian and Ubuntu Linux: Set openssh SeverKeyBits to 1024 (scottlinux.com)
Recently, a new piece of malware has been wreaking havoc online, locking innocent users out of their files and demanding money. Cryptolocker is a form of virus known as “ransomware” – a variety that attempts to extort money in exchange for providing users with what they already own, but can no longer access.
So what is it about Cryptolocker that changes the game, and how do you prevent yourself from falling victim to this vile threat. That is precisely what we want to look at today.
Full article here:
What is Cryptolocker and How Do You Prevent It? (Make Tech Easier)
We would also add that frequent backups to media that is not connected 24/7 is probably a good idea. If you backup to something that requires a user name and password to access, and it’s not already connected at the time the attack occurs, then that data is probably safe. If you happen to have a recent backup made using something like Redo Backup and Recovery, then should an attack like this occur, you can simply wipe the drive clean and reformat it, then restore from your backup and get most of your files back. But that only works if you make the backup before your system is infected, and only if the attacker can’t access your backup file and corrupt that. So if you choose to backup to a network share, make sure it’s a share that you must log into using a strong password before you can access it, and that it’s NOT a share that you normally stay connected to during day-to-day use!
Here’s a quick tutorial on how to make unprivileged programs listen on privileged ports. The trick here is to make the unprivileged program to listen on an unprivileged port and redirect the privileged port to the unprivileged through iptables.
Full article here:
How to make unprivileged programs listen on privileged ports (catonmat.net)
A password manager helps you manage all your passwords in one safe place so that you won’t have to remember them individually. It makes your job easier by letting you look up any stored password instantly and then use it. Furthermore, you also get to create new, secure passwords that are very hard to break. And here’s the best part: all these features are at zero cost. Absolutely free!
So, if you’re looking for some of the best password managers for your Linux desktop, here’s a list of the best ones:
Full article here:
Best Password Managers for Linux (TechSource)
Having a server or computer connected to a network comes with a certain amount of risk. Any machine, including a VPS, connected to the internet is a potential target for malicious attacks.
While having a well-configured firewall will prevent many kinds of illegitimate access, you still need to open up certain services to allow yourself the ability to log in and administer the server. SSH is the service most commonly used to log into remote systems, and so it also is one of the most frequently targeted.
Fortunately, there is a tool available that can mitigate this attack vector, called fail2ban. This can be configured to allow legitimate logins using SSH, but ban IP addresses after they have failed to authenticate correctly after a set number of times.
Full article here:
How To Protect SSH with fail2ban on Debian 7 (DigitalOcean)
arkOS is an open source project designed to let its users take control of their personal data and make running a home server as easy as using a PC
…..
arkOS is not a solution to the surveillance state, but it does offer an alternative to those who would rather exercise some measure of control over their data and, at the very least, not lock away their information in online services where its retrieval and use is at the whim of a corporation, not the user.
Full article here:
arkOS: Building the anti-cloud (on a Raspberry Pi) (TechWorld)
Related article:
arkOS aims to let anyone host their own cloud with a $35 Raspberry Pi (Liliputing)
I am going to briefly describe how to connect to mythweb that is behind a firewall in a router. I will assume you have mythweb running. If you need help with that please see the mythweb documentation: http://www.mythtv.org/docs/ I will also assume that you know how to forward ports on your router. …..
Full article here:
MythWeb ssh tunnel howto (MythTV wiki)
How to make a DIY home alarm system with a raspberry pi and a webcam
Convert a simple webcam to a fancy digital peephole viewer with motion detection features
Traditional wireless CCTV cameras are cheap but anyone with a wireless receiver can view your signal. On the other hand, IP cameras are secure but they can be quite expensive and usually the video quality is poor — unless you go for a really expensive model.
Lately I wanted to install a home surveillance system so I chose to use a cheap Logitech webcam with Raspberry Pi and motion, an excellent linux program that monitors video signal for changes and triggers events.
Full article here:
How to make a DIY home alarm system with a raspberry pi and a webcam (medium.com)
Apache is still by far the most widely deployed HTTP server, according to the latest Netcraft web server survey, but nginx has been slowly, steadily gaining market share, thanks to its blazing speed. If you want to try a faster web server and move from Apache to nginx, you’ll probably have to change some of your websites’ configurations, starting with rewrite directives. To migrate rewrite rules from Apache to nginx, start with these tips and tricks.
Full article here:
How to convert Apache rewrites for nginx (Linuxaria)
Before moving into the article, let me tell you how this article has been written. This article starts with the introduction to knockd, and proceeds with the implementation of port knocking by using iptables. Note that the same port knocking can be achieved using knockd, as well, which will be discussed in the upcoming article.
Full article here:
Port knocking: Enhance Security Using knockd and/or Iptables From Basics (Unixmen)
GiottoPress by Enrique Chavez
Recent Comments