Linuxinsight

Syndicate content
LinuxInsight - aggregated feeds
Updated: 1 hour 58 min ago

LXer: Linux and international politics: What we’re seeing about Russia’s takeover of Crimea in tzdata update

Thu, 03/04/2014 - 4:48am
The tzdata package is updating in Fedora today, and just to show you how international politics — you know, when one country takes over another — can show up in a software update, take a look at the changelog entry.

LXer: Open Source Project Brings 11th Century Kannada Verses Online

Thu, 03/04/2014 - 3:51am
This project was started a year ago when Kannada Wikimedian Omshivaprakash was trying to help Professor O. L. Naghabhushana Swamy and Kannada author and publisher Vasudhendra to easily access the vachana (verses) of Vachana Sanchaya. Swamy had challenges in using publicly available content on Vachanas since the data was in ASCII standard and searching text was a huge problem. Pavithra Hanchagaiah started helping to collect information about about vachanas and document them into Unicode by writing scripts to customize open source software to convert the Kannada fonts from ASCII into Unicode.

Linux.com: Free Linux MOOCs: Live Twitter Chat April 3, 8 a.m. PST with edX CEO and Linux Foundation Executive Director

Thu, 03/04/2014 - 3:40am

edX and The Linux Foundation will hold a live Twitter chat this Thursday, April 3 from 8 a.m. - 9 a.m. PST. Jim Zemlin, Linux Foundation Executive Director, and Anant Agarwal, edX CEO, will be on hand to answer your questions about the new partnership to offer free Linux training in a massive open online course (MOOC).

LXer: IPython 2.0 released

Thu, 03/04/2014 - 2:54am
IPython 2.0 was released today adding widgets, for manipulating Python objects in the kernel with GUI controls in the notebook. IPython comes with a few built-in widgets for simple data types, and an API designed for developers to build more complex widgets.

LXer: AMD partners with Mentor on embedded Linux BSPs

Thu, 03/04/2014 - 1:57am
AMD and Mentor Graphics are developing BSPs based on Mentor Embedded Linux for the new “Steppe Eagle” (G-Series) and “Bald Eagle” (R-Series) processors. The multi-year agreement between AMD and Mentor Graphics covers open source embedded Linux development for heterogeneous and multicore processors from AMD, starting with two new G-Series and R-Series processors expected to launch […]

Phoronix: Linux Kernel Developers Fed Up With Ridiculous Bugs In Systemd

Thu, 03/04/2014 - 1:46am
A patch was sent out today to the Linux kernel mailing list that would hide the "debug" string from showing up within the /proc/cmdline output. Why? To workaround a systemd bug. This has set off Linus Torvalds on another epic tirade...

LXer: Krita on Steam - Early Access Now Available

Thu, 03/04/2014 - 12:59am
A few days ago I’ve overviewed Calligra, the KDE office suite, which also includes Krita, the powerful image editing tool. Although I’ve mentioned it as being free, it looks like Krita Gemini, which is the name by which Krita goes on Steam, actually costs $22.99, covering the work needed to build, release and maintain it on Steam.

LXer: Gamers, makers, and sci-fi fans unite! at Penguicon 2014

Thu, 03/04/2014 - 12:02am
As someone who makes it to about 20 events a year between open source conferences and science-fiction/fandom-type events, I feel qualified to describe Penguicon as a relatively unique event among its brethren, as it is a bit of both of those. It's also a music event, a gaming event, and a maker event. It's a little bit of all these interests that so often intersect, and this year's event, to be held May 2 - 4 in Southfield, MI, is fast approaching.

Reddit: Can I burn two parts to two different cd's?

Wed, 02/04/2014 - 11:22pm

I don't have enough space so can I split it up into two parts across two cd's? Edit: It's Linux Mint

submitted by Suicidalhamaster
[link] [4 comments]

LXer: Enemy Starfighter Has A Lot Of PewPewPew In The Latest Trailer

Wed, 02/04/2014 - 11:05pm
Enemy Starfighter is the insanely good-looking space-combat sim that really reminds me of Freespace 2, and the new trailer is brilliant.

Reddit: tunnel with socat over compressed connection

Wed, 02/04/2014 - 10:57pm

Basically what I'm trying to achieve is to create a vpn over a compressed connection with socat, but I can't seem to make it right The idea is to have:

tun_device <=> gzip/gunzip <=> tcp_connection <=> gzip/gunzip <=> tun_device

I'd just like to know if there is a way to do this with socat. I'm not looking for other solutions or other vpn software. I tried with something like:

socat tun:192.175.0.1/24,up "exec1:gzip % exec1:gunzip | TCP4-LISTEN:<port>"

on the first device and with:

socat tun:192.175.0.2/24,up "exec1:gzip % exec1:gunzip | TCP4-CONNECT:<remoteaddr>:<port>"

but I keep getting errors of gzip telling me that it reached "unexpected end of file" and broken pipes...

submitted by sbkemu
[link] [comment]

Linux.com: PostgreSQL and Linux Kernel Developers Discuss Fsync Issues at Collaboration Summit

Wed, 02/04/2014 - 10:24pm
Last week, I attended the Linux Storage, Filesystems, and Memory Management summit (LSF/MM) on Monday and Tuesday, and the Linux Collaboration Summit (aka Collab) from Wednesday through Friday.  Both events were held at the Meritage Resort in Napa, CA.  This was by invitation of some Linux developers who wanted to find out more about what PostgreSQL needs from the Linux kernel.  Andres Freund and I attended on behalf of the PostgreSQL community; Josh Berkus was present for part of the time as well.

LXer: MIPS-based Newton module takes on Intel&#8217;s Edison in wearables

Wed, 02/04/2014 - 10:18pm
Ingenic unveiled a tiny MIPS-based “Newton” COM for wearable and IoT devices that runs Android or Linux on an its Xburst SoC, and offers WiFi and sensors. The Newton computer-on-module development platform was announced both by Beijing-based semiconductor company Ingenic Semiconductor and by Imagination Technologies, which licenses MIPS intellectual property to Ingenic. While Imagination’s announcement […]

Reddit: Good note taking software

Wed, 02/04/2014 - 9:39pm

Hey r/linux

I'm still in school, and I need to take some notes. Does anyone know some good note taking software? Needs to do math and formulas well, as I study physics, chemistry and math. Last time I tried Evernote, it was, not to sugarcoat it, shit at formulas. So, are there any hidden gems out there, running natively on Linux? I run Arch Linux and Gnome. Thanks.

submitted by Numsefisk43
[link] [9 comments]

LXer: Thinking like a hacker reduces security breaches

Wed, 02/04/2014 - 9:30pm
Automated testing has its place in detecting IT security weaknesses but it cannot replace manual testing. “Amazingly, even a decade’s old vulnerability like SQL injection still surprises most clients,” adds Jensen. “I think most of the surprises come from the exploitation of seemingly innocuous functionality that results in a devastating vulnerability.”

Linuxaria: 8 Simple To Follow Tips To Secure Your Apache Web Server

Wed, 02/04/2014 - 9:25pm

Article by: Kerry Blake

Apache is the most widely used Web server on the Internet. It was developed to work in Unix environment, but was ported to other server operating system like Windows. The Apache web server serves millions of websites and web-applications. A wide range of authentication schemes and a lot of language interfaces support and security features makes it the favorite Web server of millions of users all over the globe.

The stardom and popularity also makes websites that are backed by Apache favorite target among hackers. Websites that are backed by Apache often fall prey for hack attacks not because of security risks and holes in Apache, but mainly because of poorly written code and other security issues associated with Database. Apache and Linux combination provides good security, but things might go wrong if you don’t take the measures. There are several things one need to do to secure Apache. We have compiled a list of simple things you should perform to make you Web server secure.


First thing: Update

Security holes and potential risks are found and fixed in every Apache release. The developer community is constantly working on new security issues and we can’t stress enough how important it is to update.
A good update policy and security policy works hand-in-hand. You should not only update Apache when there is a major release, but also should also install all the patches. It is also wise to update PHP (if you use it) as well when you update Apache.
You can check the current version of Apache by using the following command.

# http -v Server version: Apache/2.*.** (Unix) Server built: Mar 12 2014 13:20:23

If it shows that the version of Apache you are running in not up to date, do update.

Apache version and OS

If an error occurs, the server might return information about the error along with the Apache version and details about the OS. A simple 404 page can give crucial information about the Web server and OS. In some cases, it might even return details about Apache modules that are also installed in the server.
To turn this off, open the config. File (httpd.conf) with a text editor and find the string “ServerSignature On.” It should be On by default. Turn it off simply by replacing “On” by “Off.”
Now the HTTP site header and error pages will only show that it runs Apache and will not show the version.

Disable Directory Listing.

If there is no index file in the root directory, Apache will, by default list all the files in the root directory. There are several ways to prevent Apache from listing the files in the root folder. Again you need to add a couple of lines to the config file. There are 2 ways to doing this. Either set the Option Directive to “-Indexes” or “None.” If you don’t have a clue what we are talking about just add the following lines to the config file.

<directory /var/www/html> Options -Indexes Order allow,deny Allow from all </directory>

Or use the following code.

<directory></directory> Options None Order allow,deny Allow from all

In some distributions these directive are already set, but it’s better to check, after all better safe than sorry.

Secure the config file

If you are a newbie and if you have been following the steps above, you should have conceived the fact that, the httpd.conf file is quite important in keeping your server secure. So it is better to hide your file. You can always unhide it when you want.
Use the following command to immunize the config file.

chattr +i /httpd/conf/httpd.conf

From chattr man page:

“A file with the `i’ attribute cannot be modified: it cannot be deleted or renamed, no link can be created to this file and no data can be written to the file. Only the superuser or a process possessing the CAP_LINUX_IMMUTABLE capability can set or clear this attribute.”

Prevent DoS attack by limiting request size

Most Denial of service attacks could be prevented by not allowing large requests. By default the LimitRequestBody is set unlimited. Depending on your website’s requirement the size could be altered. You could also limit requests to more vulnerable directories like upload folders.

Disable unwanted Modules

By disabling several modules that are not of any use to you, you can reduce the security vulnerability of your server. To find out the list of all the modules in your Web server, you can use the following command.

# grep LoadModule /etc/httpd/conf/httpd.conf

Analise all the modules in the output list and figure out the ones that are unnecessary. You don’t even have to delete the lines. Just add “#” at the beginning and it will become deactivated after you restart the service.

Do not run Apache as root

Apache should not run as root. It is always good to run Apache as a separate user. It will run as daemon or nobody by default. Set up a non-privileged account dedicated for Apache. Never set Apache User or Group to root.

# vi httpd.conf Group apache User apache Choose the right hosting provider

This doesn’t have anything to do with fiddling with your Web server. Some of the most popular web hosting services are from the America or Europe. Popular doesn’t mean, highly secure. You don’t necessarily have to buy your web hosting from these hosting providers. If you don’t live in the U.S., you can find a lot of reliable, affordable, and secure hosting providers in your own country. Do you live in Australia? Look for an Australian website hosting provider like EZI Hosting and choose the most popular hosting providers whose IP addresses are not often attacked by hackers.

Apache Website: http://httpd.apache.org/

Related posts:

  1. Using Apache as File server with DAV and Ldap
  2. How to Really Secure Your Linux VPS SSH Service

TuxMachines: Fedora 21 Will Have Java 8, Other Additions

Wed, 02/04/2014 - 9:03pm

Besides approving Mesa 10.1 for Fedora 20, the Fedora Engineering and Steering Committee approved today several features/changes to be found in Fedora 21.

Fedora 21 won't be released until at least October of this year and its landing heavy with features. Each Wednesday after the FESCo meetings we find another batch of newly-approved features and today is no different.

Read more ►

read more