by Suparna Ganguly

Linux distros are usually more secure than their Windows and Mac counterparts. Linux Operating Systems being open-source leaves very less scope of unauthorized access to its core. However, with the advancement of technologies, incidents of attacks are not rare.

Are you in a fix with the coming reports of Linux systems targeted malware attacks? Worried about your online presence? Then maybe it’s time to go for a secure, privacy-focused Linux distro. This article presents a guide to 3 privacy-oriented Linux distributions that respect your privacy online.

Why You Need a Privacy-focused Linux Distro

But before jumping into that, let’s have a brief overview regarding the importance of a secure Linux Operating System. You may know that the Operating System is the core software of your computer. It helps maintain communication across all the hardware, software, memory, and processor of the system. It also manages the hardware parts.

If your computer isn’t secure enough to use, then hackers can get easy access to the OS and can exploit it to view your files and track your presence on the internet. Privacy-focused Linux distributions offer a lot of good choices packed with the most reliable features to select from.

5 Privacy-focused Linux Distributions

Now let’s take a look at the most privacy-focused Linux distros that allow staying secure.

Septor Linux

Septor Linux is an OS created by the project called Serbian Linux. Serbian Linux also produces Serbian language-based general general-purpose Linux distribution. Septor implements the KDE Plasma desktop environment and is a newcomer among all other distros.

The Septor operating system offers a stable and reliable user experience. It’s suitable for a vast range of computers because it is built upon Debian GNU/Linux. So, a solid privacy level is what you can expect. The distro routes all of the internet traffic through Tor network to earn privacy credentials. The distro used to use a launcher script to pick up the latest Tor, however, now Tor comes in bundles with it by default.

Go to Full Article

by Suparna Ganguly

Are you in search of open-source ticketing tools for Linux? Well, this article brings a guide to 5 fair selections of open source ticketing software to provide uninterrupted customer support.

Why You Need Ticketing Tools

A customer trouble ticketing (help desk) is an assistance resource to solve a customer query. Companies often provide customer support using email, website, and/or telephone. The importance of ticketing software is a crucial part for any business to be successful.

Your business can’t run properly without a satisfied client base. Increased customer retention is what businesses need. Right ticketing tools help ensure the best customer service for any business. 

Linux makes sure enterprises get the best possible customer service software for their businesses to have sustainable growth. Because a powerful set of ticketing software provides undivided support that the businesses deserve.

5 Best Ticketing Tools for Linux

This section takes you through 5 different ticketing software to be downloaded on Linux and why you should use them. So let’s begin!

osTicket

For all the newly started businesses, osTicket would be a viable open source ticketing tool. It’s a lightweight and efficient support ticket software used by a good number of companies. If you run an enterprise or a non-profit and are not ready for paid ticketing tools just yet, osTicket is a must-try.

osTicket provides a simple and intuitive web interface to integrate customer queries via phone, email, and web forms. Worried of spam emails? osTicket helps reduce spam enabling captcha filling and auto-refreshing techniques.

You can work on a priority basis through this ticketing tool and get the issues solved in the lowest possible time.

PHD Help Desk

PHD Help Desk is a PHP+Javascript+MySQL-based open source ticketing tool and is used in the registry. PHD helps follow-up incidents in an organization. PHD has a user base all across the world. The latest version of the PHD Help Desk is 2.12.

This ticketing tool works in various ways. Using PHD, incidents can be classified and registered into multiple levels, such as the state of incident, type, sub-type, priority, description of Incident, historical factors, to name a few. 

The database is consulted in a particular format depending on the user requirements. The data is then processed on a tallying sheet. Some of the advanced features of PHD Help Desk are the ability to export tickets into excel format, a PHPMailer Library to configure emails, and new password creation.

Go to Full Article

by Suparna Ganguly

Are you in search of Linux laptops? This article takes you through 6 different places that offer the best Linux laptops. So get prepared to choose your Linux laptop in 2021.

Dell

When it comes to laptops, the first name that comes to my mind is Dell. For over 20 years Dell has been selling high-end Linux laptops. In a Dell store, you can get Ubuntu and Redhat Enterprise Linux laptops. These laptops are built to meet the needs of developers, businesses, and sysadmins.

For developers, who travel a lot, XPS 13 Developer Edition would be the confirmed best choice. Dell XPS comes at an expensive cost of around $1,000. So, if you’re in search of something less expensive, you can check Dell Inspiron laptops. Dell’s Precision workstations with RHEL or Ubuntu are designed for small business owners or CG professionals.

Side Note: Dell doesn’t have a separate section for Linux laptops. Type Ubuntu in the search to get a view of all its laptops with Linux preinstalled.

Slimbook

Slimbook is well known for its thin, rigid, and light durable laptops starting at a reasonable price of €930 (approx $1,075). These come with a nice screen, solid battery life, powerful CPU, and very good speakers.

This brand is from Spain. Slimbook came ahead of its competitors launching the first KDE laptops.

Slimbook brings laptops with a good variety of popular Linux distros, such as KDE Neon, Ubuntu, Ubuntu MATE, Linux Mint, Kubuntu. Additionally, their laptops have two Spanish Linux distros – Max and Lliurex. You can choose Windows OS as well with their laptops, but for that, additional costs are there.

Slimbook offers desktop systems too. So, if you ever need desktops, check it here. 

System76 

System76’s Linux laptops are very well built, powerful, and extremely portable. If you are a software developer, you travel a lot, and you’re in search of a laptop with 32G RAM and 1T SSD, then go for System76.

System76 laptops used to be Ubuntu-powered, initially. Later on, in 2017, this US-based company released their own Linux distro, called the Pop! OS. Pop OS is designed using Ubuntu. After that, Pop became the default OS with Ubuntu being still available.

Go to Full Article

by Nawaz Abbasi

As per NASA, “A black hole is a place in space where gravity pulls so much that even light can not get out”. Something similar exists in the Linux universe as well - it discards anything written to it and when read, just returns an EOF (end-of-file). It’s a special file which is also referred to as null device - /dev/null

So, it’s just a file?

Yes and most of the things in Linux is a file but /dev/null is not a regular file – lets dig deeper.

c in crw-rw-rw- tells us that it's a character special file, which means it processes data character by character. This can be checked using test -c as well:

What are the contents of the file?

Let’s check that using the cat command:

As stated earlier, it just returns an EOF (end-of-file) when read. So, it's empty!

What more can we know about the file?

Let’s find out using the stat command:

This tells us that its size is 0. Also, it’s good to note that the file’s read and write permission is enabled for everyone but it doesn't require execute permission. 

What happens to the file’s size when we write data to it?

Let’s try that:

The cat command returned nothing and as per the stat command, its size did not change.

As stated earlier, it discards anything written to it. You may write any amount of data to it, which will be immediately discarded, so its size will always remain 0 – Singularity?

In other words, you cannot change /dev/null

Go to Full Article

by Suparna Ganguly

Not only the Linux distros are open-source but the apps for Linux are also free. Though some business apps come with a cost, most of the apps created for individuals don’t have any charges.

Want to know about some of the cool apps to download on your Linux machine?

This article walks you through 7 apps to download on Linux to make your life easier. Head over to the next section!  

Ulauncher

Before downloading any other application on Linux, we recommend getting Ulauncher. That’s because you can launch any application via Ulauncher just by using the keyboard.

Try adding Ulaucher extensions to get the most of this app inspired by Alfred for Mac. You can extend capabilities with the extensions, such as looking up dictionary definitions, launching web searches, finding and copying emojis to a clipboard, and lots more.

Ulaucher runs smoothly and allows searching files and apps using hotkeys. Ulaucher features include built-in themes, customizable shortcuts, Fuzzy search, a wide variety of plugins, searching on Google, Stack Overflow, and Wikipedia.

Thunderbird

Thunderbird by Mozilla is an open-source email client. Some Linux distros offer Thunderbird installed. If it’s not, hop onto your App Center or Software Center and get it installed. You can download the app from their website as well.

The setup wizard guides you through the process of creating your own email address. Thunderbird provides email settings for most of the common email application providers. So, an existing email account can be added too. Attach multiple email accounts as per your needs.

Want to make Thunderbird look cool? Add-ons, such as themes, Lightning extension, sorting out Mail folders, are some of the features to try out.

Steam

Looking for gaming clients on Linux? Use Steam from Valve. Steam is, admittedly, the best games distribution store for top OSs like Linux.

From Shadow of the Tomb Raider to DiRT 4, and from DOTA 2 to Warhammer – Steam boasts many thousands of indie hits, retro-flavored, and AAA titled games for Linux. 

Go to Full Article

by Manuel Sabban Prerequisites

This article is a follow-up from the Crowdsec multi-server setup. It applies to a configuration with at least two servers (referred to as server-1 and one of server-2 or server-3).

Goals

To address security issues posed by clear http communication in our previous crowdsec multi-server installation, we propose solutions to achieve communication between Crowdsec agents over encrypted channels. On top of that, the third solution allows server-2 or server-3 to trust server-1 identity, and avoid man-in -the -middle attacks.

Using self-signed certificates Create the certificate

First we have to create a certificate. This can be achieved with the following one-liner.

openssl req -x509 -newkey rsa:4096 -keyout encrypted-key.pem -out cert.pem -days 365 -addext "subjectAltName = IP:172.31.100.242"

For now crowdsec is not able to ask for the passphrase of the private key when starting.  Thus we have the choice to decipher by hand the private key each time we start or reload crowdsec or store the key unencrypted. In any way to strip the passphrase one can do:

openssl rsa -in encrypted-key.pem -out key.pem

Then, the unencrypted key file can be safely deleted after Crowdsec is started.

Configure crowdsec for using a self-signed certificate

On server-1 we have to tell crowdsec to use the generated certificate. Hence, the  tls.cert_file and tls.key_file option in the api.server section of the following /etc/crowdec/config.yaml excerpt set to the generated certificate file.

api: server: log_level: info listen_uri: 10.0.0.1:8080 profiles_path: /etc/crowdsec/profiles.yaml online_client: # Crowdsec API credentials (to push signals and receive bad tls: cert_file: /etc/crowdsec/ssl/cert.pem key_file: /etc/crowdsec/ssl/key.pem

On the client side configuration changes happen in two files. First we have to modify /etc/crowdec/config.yaml to accept self-signed certificates by setting the insecure_skip_verify to true.

We have to change http for https in the  /etc/crowdsec/local_api_credentials.yaml file too in order to reflect the changes. This small change has to be done on all three servers (server-1, server-2 and server-3).

Go to Full Article

by Dmitriy Kuptsov INTRODUCTION

Sometimes it is easier to implement prototypes in user space using high-level languages, such as Python or Java. In this document we attempt to describe our implementation effort related to Host Identity Protocol version 2. In the first part, we describe various security solutions, then we discuss some implementation details of the HIP protocol, and finally, in the last part of this work we discuss the performance of the HIP and IPSec protocols implemented using Python language.

BACKGROUND

In this section we will describe the basic background. First, we will discuss the problem of mobile Internet and introduce the Host Identity Protocol. We then move to the discussion of various security protocols. We will conclude the section with the discussion of Elliptic Curves and a variant of DiffieHellman algorithm, which uses EC cryptography (ECC).

Dual role of IP

Internet was designed initially so that the Internet Protocol (IP) address is playing dual role: it is the locator, so that the routers can find the recipient of a message, and it is an identifier, so that the upper layer protocols (such as TCP and UDP) can make bindings (for example, transport layer sockets use IP addresses and ports to make a connections). This becomes a problem when a networked device roams from one network to another, and so the IP address changes, leading to failures in upper layer connections. The other problem is establishment of the authenticated channel between the communicating parties. In practice, when making connections, long term identities of the parties are not verified. Of course, there are solutions such as SSL which can readily solve the problem at hand. However, SSL is suitable only for TCP connections and most of the time practical use cases include only secure web surfing and establishment of VPN tunnels. Host Identity Protocol on the other hand is more flexible: it allows peers to create authenticated secure channels on the network layer, and so all upper layer protocols can benefit from such channels.

HIP13 relies on the 4-way handshake to establish an authenticated session. During the handshake, the peers authenticate each other using long-term public keys and derive session keys using Diffie-Hellman or Elliptic Curve (EC) Diffie-Hellman algorithms. To combat the denial-of-service attacks, HIP also introduces computational puzzles.

Go to Full Article

by Suparna Ganguly

It’s possible to deep dive into the virtual reality gaming world on your Linux system. Want to explore VR games on Linux? This article takes you through the top 3 VR games available on Linux.

Ready to get amazed? Let’s start.

What are VR Games?

VR games are the new-gen computer games enabled with virtual reality, in short, VR technology. It gives players a first-person perspective of all the gaming actions. As a participant, you can enjoy the gaming environment through your VR gaming devices, such as hand controllers, VR headsets, sensor-equipped gloves, and others.

VR games are played on gaming consoles, standalone systems, powerful laptops, and PCs compatible with VR headsets including HTC Vive, Oculus Rift, HP Reverb G2, Valve Index, and others.

Now, a little brief about VR technology. By now, you know that VR is an abbreviation of Virtual Reality. This is, basically, a computer-generated simulation where the player controls its generated objects through the limb and facial movements in a three-dimensional environment. This environment is interacted with through special equipment, like clothing having touch simulating pressure nodes and enclosed glasses with screens in front, instead of lenses.

A lot of VR objects are usable as they are in reality and the gaming developers are making the VR universe more and more immersive with each passing day.

How to Get VR Games on Linux

The Steam store seems to be the best way to get VR games on your system. Good news: you don’t need to worry about installing all the modules and software to run the game smoothly. Steam client is ready to take all the worries. So, get a Steam account by downloading the client from Steam’s site.

Back in 2019, it was reported that VR Linux desktops are around the corner. What about now? Xrdesktop is here for you. Xrdesktop is free to use. It lets you work with the common desktop environments, like GNOME and KDE.

The SimulaVR is a similar open-source project to check out.

Top 3 VR Games Available on Linux

Now the fun part: In this section, we’ll share the best 5 VR games to play on Linux in your gaming time.

Go to Full Article

by Suparna Ganguly

Checking the battery status through GUI is easy. Hovering the mouse cursor over the battery indicator given in the Laptop task bar simply shows the battery level. But, did you know you can find the battery status through the Linux command line as well?

Yes, there are some utilities in Linux that can be of help in this regard.

This article explains 4 different methods of checking laptop battery status using the Linux command line. So,

Why Do You Need to Check Battery Status?

So, why do you need to check the battery status? Knowing laptop battery health on a monthly basis is a good practice. It’ll inform you about any issues your computer might have related to charging or battery life. You can get alerted earlier and take the measures required, such as charging or altering batteries.

When your PC is not active, the power management feature levels down its components to a low-power state. And also turns off the power. 

Similarly, knowing the power source, battery model name, the technology used, vendors, etc helps operate your devices better and keep work going without any hassles.

How to Check Battery Status Using Linux Command Line

Follow the methods mentioned below to check battery status using the Linux command line. Check Battery Status with “upower” CommandThe command produces output 

Check Battery Status with upower Command

The upower command-line tool helps extract information related to the power source (batteries). It provides an interface to list down all the power sources of your PC or laptop.

Options Used with the upower Command

• –monitor: You can print a line each time a battery or power source is added by connecting –monitor to upower. It also produces outputs while the power sources are removed or changed.

• –monitor-detail: This option prints the full power source detail whenever an event occurs.

 

Syntax

upower -i /org/freedesktop/UPower/devices/battery_BAT0 upower -i `upower -e | grep 'BAT'` upower -i $(upower -e | grep BAT) | grep --color=never -E "state|to\ full|to\ empty|percentage"

The above are three different ways of using acpi command to find power source information.

Use cat and find

The “cat” and “find” commands also help find details about your battery and power source.

Syntax

For the battery capacity, the syntax would be:

cat /sys/class/power_supply/BAT0/capacity

For more detailed battery information use the find command.

Go to Full Article

by Suparna Ganguly

Decreasing video sizes becomes necessary when space is limited in cloud services, disks, or personal storage drives. You can easily hold onto larger files by chopping them down to a lower size.

The world of open-source video editing tools is huge. So, choosing one can be tricky. This article explains how you can efficiently decrease video sizes using FFmpeg in Linux.

What is FFmpeg?

So, what is FFmpeg? FFmpeg is a free and open-source command-line utility used in handling audio, video, other multimedia files, and streams in Linux. It has widespread use in video scaling, format transcoding, basic editing, standards compliance, and video post-production effects.

It can create GIFs, edit videos, and record also. You can convert videos at up to a minuscule level while maintaining the quality to a great extent. 

MPEG video standards group brought inspiration in defining the name of this media handling software project, while “FF” stands for “Fast Forward”. FFmpeg functions as a backbone of several software projects and renowned media players – YouTube, Blender, VLC, and iTunes, to name a few.

How to Install FFmpeg

Want to get hands-on with it? Let’s install FFmpeg.

Basically, you have to use the following codes for Ubuntu, Arch Linux, and Fedora respectively.

# Debian/Ubuntu sudo apt-get install ffmpeg # Arch Linux sudo pacman -S ffmpeg #REHL/CentOS/Fedora sudo dnf install ffmpeg sudo rpm install ffmpeg sudo yum install ffmpeg

 

And FFmpeg will be in your Linux distro.

Basic Usage of FFmpeg

To convert a media file using the default settings of FFmpeg, type:

ffmpeg -i inputfile.video outputfile.video

The above command will change the specified format into the output format given. 

How to Decrease Video Sizes Using FFmpeg

Going to the basics: Not all video files are created following the same procedure. Hence, file sizes tend to be different. For example, the avi video file extensions are larger than mp4 files.

Takeaway? The smallest mp4 file of a video will be smaller than the smallest avi file of the same video. However, the quality will vary with each of these varied file sizes. Mp4s are not the smallest size you can expect. Various containers for Windows media videos and flash videos (FLV and WMV) are the winners.

Go to Full Article

by Suparna Ganguly

Want to know the tricks of replacing a variable in a file using the SED command?

This article will give you an overview of replacing a variable value in a file using SED. Before replacing a variable in a file using SED, you need to understand what SED is, the syntax of SED, and how SED works.

I’ll also show how to perform delete operations using SED. This will come after the variable value replacement part. If you’re looking for that, you can directly jump onto that, and skip the rest.

So, let’s begin the guide.

 

What is SED?

So, what is  SED?

SED command in Linux stands for Stream Editor. It performs searching, insertion, find and replace, deletion. In the Linux world, SED is mainly popular for its find and replace functionality.

With the help of SED, coders can edit files without even opening them.

In a nutshell,

• SED is a text stream editor. It can be used to do find and replace, insertion, and delete operations in Linux.

• You can modify the files as per your requirements without having to open them.

• SED is also capable of performing complex pattern matching.

  Syntax of SED

Here we’ll see the syntax of SED used in a simple string replacement. This will help understand the command better.

So the syntax is:

sed -i 's/old-string/new-string/g' file_name   How SED Works

In the syntax, you only need to provide a suitable “new string” name that you want to be placed with the “old string”. Of course, the old string name needs to be entered as well.

Then, provide the file name in the place of “file_name” from where the old string will be found and replaced.

Here’s a quick example to clear the concept.

Suppose, we have a random text “Welcome to Linux Channel” in a text file called “file.txt”.

Now, we want to replace “Channel” with “Family”. How can we do that?

First, write the below-given command in the terminal to create the file.

cat file.txt

Press enter, then type:

Welcome to Linux Channel

Let’s alter “Channel” with “Family” now. So, go to the next line, and type:

sed -i 's/Channel/Family/g' file.txt

After running the command, to view the file again, type:

cat file.txt

You’ll see “Channel” has been replaced with “Family”. In this way, you can replace a string using the SED command. Let’s learn how to replace a variable using SED, now.

Go to Full Article

by Suparna Ganguly

Do you want to create a Shell script in your Linux system?

This guide will take you through how to create a shell script using multiple text editors, how to add comments, and how to use Shell variables.

But before heading over to creating a shell script, let’s understand what Shell scripting in Linux is.

What is Shell Scripting in Linux?

So, what’s Shell scripting?

Shell Scripting is defined as an open-source program that’s run by Linux or Unix shell. Through shell scripting, you can write commands to be executed by the shell.

Lengthy and repetitive commands are usually combined into a simple command script. You can store this script and execute it whenever needed. 

Shell scripting in Linux makes programming effortless.

Ways of Creating a Simple Shell Script in Linux

Creating a simple shell script in Linux is very easy. You can do that using multiple text editors. This tutorial will show how to create a shell script with two different methods, such as 1) using the default text editor, and 2) Using the Vim text editor tool.

Method 1: Using the Default Text Editor

To create a shell script using the default text editor, just follow the steps given below.

Step 1: Create a text file having a “.sh” extension. Then type a simple script.

Step 2: Now don’t change the directory. And open the terminal. Using the command below, give executable access to the file created.

chmod +x testing.sh

Step 3: Execute the below-given script in the terminal:

./testing.sh

This was a simple technique of creating a shell script in Linux using the default editor. Now, let’s look at the next method.

Method 2: Using the Vim Text Editor Tool

Vim text editor tool is a tool that helps create a shell script in a Linux system. In case you don’t have it already installed, use the command to install Vim:

sudo apt install vim

Now follow the steps for creating a shell script using the tool.

Step 1: For opening the editor, simply type:

vim

Step 2: Once you’re in, open the terminal. Then create a bash file via:

vi testing.sh

After the execution of the command, the editor will appear as below.

Go to Full Article

by Charles Fisher Introduction

The SQLite database is a wildly successful and ubiquitous software package that is mostly unknown to the larger IT community. Designed and coded by Dr. Richard Hipp, the third major revision of SQLite serves many users in market segments with critical requirements for software quality, which SQLite has met with compliance to the DO-178B avionics standard. In addition to a strong presence in aerospace and automotive, most major operating system vendors (including Oracle, Microsoft, Apple, Google, and RedHat) include SQLite as a core OS component.

There are a few eccentricities that may trip up users from other RDBMS environments. SQLite is known as a “flexibly-typed” database, unlike Oracle which rigidly enforces columnar datatypes; character values can be inserted into SQLite columns that are declared integer without error (although check constraints can strengthen SQLite type rigidity, if desired). While many concurrent processes are allowed to read from a SQLite database, only one process is allowed write privilege at any time (applications requiring concurrent writers should tread carefully with SQLite). There is no network interface, and all connections are made through a filesystem; SQLite does not implement a client-server model. There is no “point in time recovery,” and backup operations are basically an Oracle 7-style ALTER DATAFILE BEGIN BACKUP that makes a transaction-consistent copy of the whole database. GRANT and REVOKE are not implemented in SQLite, which uses filesystem permissions for all access control. There are no background processes, and newly-connecting clients may find themselves delayed and responsible for transaction recovery, statistics collection, or other administrative functions that are quietly performed in the background in this “zero-administration database.” Some history and architecture of SQLite can be found in audio and video records of Dr. Hipp's discussions.

Go to Full Article

by Joao Correia

Detecting vulnerabilities and managing the associated patching is challenging even in a small-scale Linux environment. Scale things up and the challenge becomes almost unsurmountable. There are approaches that help, but these approaches are unevenly applied.

In our survey, State of Enterprise Vulnerability Detection and Patch Management, we set out to investigate how large organizations handle the dual, linked security concerns of vulnerability detection and patch management.

The results produced interesting insights into the tools that organizations depend on to effectively deal with vulnerability and patch management at scale, how these tools are used, and which restrictions organizations face in their battle against threat actors. Download the copy of the report here.

Vulnerability management is an enterprise responsibility

Before we dive into the results of our survey, let’s take a quick look at why vulnerability management operations matter so much in large organizations.

Vulnerabilities are widespread and a major cybersecurity headache. In fact, vulnerabilities are such a critical problem that laws and regulations are in place to ensure that covered organizations adequately perform vulnerability management tasks – because the failure to do so can hurt a company’s customers.

Each industry has different rules that apply to it – with organizations that handle personal data such as healthcare records and financial service firms operating under the strictest rules. It has an impact on day-to-day vulnerability management operations – some organizations must act much faster and more thoroughly than others.

This is one of the points we explored in the survey, trying to understand how different industry compliance requirements affect vulnerability operations on the ground.

The survey

Early in 2021, we kicked off a survey with the intention to study three key factors in vulnerability and patch management operations. We examined patch deployment practices, how maintenance windows are handled, and tried to get a view into the overall level of security awareness of the organizations that responded.

The survey was advertised publicly to IT professionals around the world and it continues to run, even though we have published the initial results.

Go to Full Article