LXer: Linux and international politics: What we’re seeing about Russia’s takeover of Crimea in tzdata update
Linux.com: Free Linux MOOCs: Live Twitter Chat April 3, 8 a.m. PST with edX CEO and Linux Foundation Executive Director
edX and The Linux Foundation will hold a live Twitter chat this Thursday, April 3 from 8 a.m. - 9 a.m. PST. Jim Zemlin, Linux Foundation Executive Director, and Anant Agarwal, edX CEO, will be on hand to answer your questions about the new partnership to offer free Linux training in a massive open online course (MOOC).
Basically what I'm trying to achieve is to create a vpn over a compressed connection with socat, but I can't seem to make it right The idea is to have:
tun_device <=> gzip/gunzip <=> tcp_connection <=> gzip/gunzip <=> tun_device
I'd just like to know if there is a way to do this with socat. I'm not looking for other solutions or other vpn software. I tried with something like:
socat tun:126.96.36.199/24,up "exec1:gzip % exec1:gunzip | TCP4-LISTEN:<port>"
on the first device and with:
socat tun:188.8.131.52/24,up "exec1:gzip % exec1:gunzip | TCP4-CONNECT:<remoteaddr>:<port>"
but I keep getting errors of gzip telling me that it reached "unexpected end of file" and broken pipes...submitted by sbkemu
I'm still in school, and I need to take some notes. Does anyone know some good note taking software? Needs to do math and formulas well, as I study physics, chemistry and math. Last time I tried Evernote, it was, not to sugarcoat it, shit at formulas. So, are there any hidden gems out there, running natively on Linux? I run Arch Linux and Gnome. Thanks.submitted by Numsefisk43
[link] [9 comments]
Article by: Kerry Blake
Apache is the most widely used Web server on the Internet. It was developed to work in Unix environment, but was ported to other server operating system like Windows. The Apache web server serves millions of websites and web-applications. A wide range of authentication schemes and a lot of language interfaces support and security features makes it the favorite Web server of millions of users all over the globe.
The stardom and popularity also makes websites that are backed by Apache favorite target among hackers. Websites that are backed by Apache often fall prey for hack attacks not because of security risks and holes in Apache, but mainly because of poorly written code and other security issues associated with Database. Apache and Linux combination provides good security, but things might go wrong if you don’t take the measures. There are several things one need to do to secure Apache. We have compiled a list of simple things you should perform to make you Web server secure.
Security holes and potential risks are found and fixed in every Apache release. The developer community is constantly working on new security issues and we can’t stress enough how important it is to update.
A good update policy and security policy works hand-in-hand. You should not only update Apache when there is a major release, but also should also install all the patches. It is also wise to update PHP (if you use it) as well when you update Apache.
You can check the current version of Apache by using the following command.
If it shows that the version of Apache you are running in not up to date, do update.Apache version and OS
If an error occurs, the server might return information about the error along with the Apache version and details about the OS. A simple 404 page can give crucial information about the Web server and OS. In some cases, it might even return details about Apache modules that are also installed in the server.
To turn this off, open the config. File (httpd.conf) with a text editor and find the string “ServerSignature On.” It should be On by default. Turn it off simply by replacing “On” by “Off.”
Now the HTTP site header and error pages will only show that it runs Apache and will not show the version.
If there is no index file in the root directory, Apache will, by default list all the files in the root directory. There are several ways to prevent Apache from listing the files in the root folder. Again you need to add a couple of lines to the config file. There are 2 ways to doing this. Either set the Option Directive to “-Indexes” or “None.” If you don’t have a clue what we are talking about just add the following lines to the config file.<directory /var/www/html> Options -Indexes Order allow,deny Allow from all </directory>
Or use the following code.<directory></directory> Options None Order allow,deny Allow from all
In some distributions these directive are already set, but it’s better to check, after all better safe than sorry.Secure the config file
If you are a newbie and if you have been following the steps above, you should have conceived the fact that, the httpd.conf file is quite important in keeping your server secure. So it is better to hide your file. You can always unhide it when you want.
Use the following command to immunize the config file.
From chattr man page:
“A file with the `i’ attribute cannot be modified: it cannot be deleted or renamed, no link can be created to this file and no data can be written to the file. Only the superuser or a process possessing the CAP_LINUX_IMMUTABLE capability can set or clear this attribute.”Prevent DoS attack by limiting request size
Most Denial of service attacks could be prevented by not allowing large requests. By default the LimitRequestBody is set unlimited. Depending on your website’s requirement the size could be altered. You could also limit requests to more vulnerable directories like upload folders.Disable unwanted Modules
By disabling several modules that are not of any use to you, you can reduce the security vulnerability of your server. To find out the list of all the modules in your Web server, you can use the following command.# grep LoadModule /etc/httpd/conf/httpd.conf
Analise all the modules in the output list and figure out the ones that are unnecessary. You don’t even have to delete the lines. Just add “#” at the beginning and it will become deactivated after you restart the service.Do not run Apache as root
Apache should not run as root. It is always good to run Apache as a separate user. It will run as daemon or nobody by default. Set up a non-privileged account dedicated for Apache. Never set Apache User or Group to root.# vi httpd.conf Group apache User apache Choose the right hosting provider
This doesn’t have anything to do with fiddling with your Web server. Some of the most popular web hosting services are from the America or Europe. Popular doesn’t mean, highly secure. You don’t necessarily have to buy your web hosting from these hosting providers. If you don’t live in the U.S., you can find a lot of reliable, affordable, and secure hosting providers in your own country. Do you live in Australia? Look for an Australian website hosting provider like EZI Hosting and choose the most popular hosting providers whose IP addresses are not often attacked by hackers.
Apache Website: http://httpd.apache.org/
Besides approving Mesa 10.1 for Fedora 20, the Fedora Engineering and Steering Committee approved today several features/changes to be found in Fedora 21.
Fedora 21 won't be released until at least October of this year and its landing heavy with features. Each Wednesday after the FESCo meetings we find another batch of newly-approved features and today is no different.