Language Selection

English French German Italian Portuguese Spanish

Login

Enter your Tux Machines username.
Enter the password that accompanies your username.

More in Tux Machines

Proprietary Security: Windows and McAfee

  • This Week In Security: NetUSB, HTTP.sys, And 2013’s CVE Is Back | Hackaday

    A serious problem has been announced in Windows Server 2019 and Windows 10, with some versions vulnerable in their default configurations. The problem is in how Windows handles HTTP Trailer packets, which contain extra information at the end of normal HTTP transfers. There is a PoC available that demonstrates a crash. It appears that an additional information leak vulnerability would have to be combined with this one to produce a true exploit. This seems to be a different take on CVE-2021-31166, essentially exploiting the same weakness, and working around the incomplete fix. This issue was fixed in the January patch set for Windows, so make sure you’re covered.

  • CISA Adds Four Known Exploited Vulnerabilities to Catalog | CISA

    CISA has added four new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence that threat actors are actively exploiting the vulnerabilities listed in the table below. These types of vulnerabilities are a frequent attack vector for malicious cyber actors of all types and pose significant risk to the federal enterprise.

  • McAfee Releases Security Update for McAfee Agent for Windows  | CISA

    McAfee has released McAfee Agent for Windows version 5.7.5, which addresses vulnerabilities CVE-2021-31854 and CVE-2022-0166. An attacker could exploit these vulnerabilities to take control of an affected system.

today's howtos

  • FTP server container Podman fast and right and 4 dirty steps

    FTP server container stands for “File Transfer Protocol” and is an excellent protocol for downloading files from a remote or local server or uploading files onto the server. Using FTP proves to be a primary task after it has been set up correctly. It works by having a server listening for connections (on port 21 by default) from clients. The clients can access a remote directory with their user account and then download or upload files there, depending on the permissions that have been granted to them. It’s also possible to configure anonymous authorization, which means users will not need their account to connect to the FTP server. On Centos Linux, there are many different FTP server containers and client software packages available. You can even use default GUI and command-line tools as an FTP client. In addition, a stylish and highly-configurable FTP server package is vsftpd, known for many Linux systems, including Centos. This guide will go over the step-by-step instructions to install vsftpd on Centos. We’ll also see how to configure the container FTP server through various settings, then use the command line, GNOME GUI, or FTP client software to connect to the FTP server. Creating FTP users tutorial.

  • How to Back Up Your Linux System With Rsync - JumpCloud

    It’s easy to take for granted the importance of having a server backup — until you experience a system failure, a natural disaster, or a malware attack. This can potentially paralyze your business through the loss of vital records such as financial and customer data. Your ability to recover will only be as good as your last backup. Server backups provide the much-needed confidence that data is not lost and can be recovered in case of any eventuality. However, each operating system has a different way to handle this, and while some provide built-in utilities to accomplish this, others must be established from the ground up. Like many other areas of management, Linux operating systems have more options, but require more knowledge to set them up successfully.

  • How to Deploy a Ghost Blog With Docker – CloudSavvy IT

    Ghost is a popular content creation platform that’s written in JavaScript with Node.js. The open-source software comes with everything you need to author, theme, publish, and maintain your own blog. Ghost is open-source software supported by the official Ghost(Pro) hosted service. You can install it on your own server by adding Node.js and using the Ghost CLI to set up your stack. Ghost is also available as a Docker image which bundles all the dependencies for you. In this guide, we’ll use Docker to quickly get a new Ghost blog operational. Install Docker and Docker Compose on your host before proceeding any further. While you can deploy Ghost using Docker alone, Compose makes it simpler to supply and manage the config values your site will need to get started.

  • How to Check Directory Size From the Linux Command Line – CloudSavvy IT

    While the Linux command ls can display the sizes of files, it doesn’t work properly with directories, which will always be displayed as 4096 bytes. You’ll need to use the du command to recurse into subdirectories and print out a total.

  • How to Change Your Linux Password

    Once you’ve set up a new Linux PC, one of your first tasks should be to change your Linux password. After all, one of the most important parts of keeping your computer secure is creating a secure password that others can’t guess or crack. Whether you’re running macOS, Windows, or Linux, it’s crucial to be mindful of your password and change it regularly. So, how do you change your password in Linux? It’s a pretty straightforward process, so let’s take a look.

  • How to install Roblox Player and Studio on a Chromebook

    Today we are looking at how to install Roblox Studio and the Windows version of Roblox on a Chromebook. Please follow the video/audio guide as a tutorial where we explain the process step by step and use the commands below.

  • Configure Filebeat-Elasticsearch Authentication - kifarunix.com

    This tutorial will take you through how you can configure filebeat-elasticsearch authentication. You realize that when you enable Elastic basic authentication, you need to valid user credentials to authenticate and validate access to restricted Elastic resources.

Games: HITMAN, Sauerbraten, and More

  • HITMAN 3 arrives on Steam and works flawlessly on Linux with Proton | GamingOnLinux

    Good news for the Steam Deck. IO Interactive have finally put HITMAN 3 on Steam, after the Epic exclusive period has finished and it works out of the box on Linux with Steam Play Proton. Note: personal purchase. Concluding the Agent 47 saga, the Steam release of course had its own drama to deal with. While it has been out for a year already on the Epic Store (which doesn't support Linux at all), it arrived on Steam at full price which has rubbed a lot of people the wrong way. Add to that the thoroughly confusing and long list of packages for HITMAN 3, plus Humble Store being required to separate between Epic / Steam (with the Epic version at 50% off but Steam is not) - the result added together was not a good one for IO.

  • Need for Speed: Hot Pursuit Remastered Review on Linux - Boiling Steam

    The need for speed. It’s kind of hard to believe this series dates back almost 30 years ago. Even before the series came into existence for the 3DO in late 1994, EA had bought the company responsible for it, Distinctive Software, in 1991. Still, despite the criticism we tend to give EA for their greedy practices, there’s a gem from them that I hold dear to my heart: Need for Speed: Hot Pursuit. Maybe you’re fed up with the cops. You understand that their job is to ensure the peace of the county that they’re in, but perhaps you don’t trust them, or you find them cold, rude. Or you’re left scratching your head as to why you got pulled over for having a “dim license plate light” when in reality there’s nothing wrong with either you or your car, and now you’re late for work. Now let’s flip it the other way around: perhaps you’re a cop yourself (or you used to be one). You feel like no one appreciates the hard, risky work that you put forth in maintaining order. You’re tired of the nasty people you have to put up with when you pull them over.

  • The Ascent: A Cyberpunk 2077 Replacement? - Boiling Steam

    One of the most interesting games last year — and not without its own share of controversies — seems to be regarded from many as a worthy alternative, if not an outright substitute, for the disappointment that Cyberpunk 2077 was. In a similar setting but with Aliens, an “indentured” — an indebted individual forced to work for a big corporation — arrives on Planet Veles, and suddenly afterwards the corporation, The Ascent Group, goes bankrupt and all Hell goes loose. You have to investigate and find your way on this big metropolis, and defend yourself in the struggles for power happening in the aftermath. Comparing this to the CD Projekt game might seem absurd from the start, because although it is an Action RPG, it uses a completely different visual approach — not first-person like Cyberpunk, not even third-person like, say, Spiders Studio The Technomancer, but in a bird’s eye view, which is sometimes called “isometric” (technically, it’s not, but the term caught on), like Diablo, Titan Quest or Path of Exile.

  • Sauerbraten Is An Insanely Fun First Person Shooter - Invidious

    Sauerbraten is a free multiplayer and singleplayer first person shooter that is the successor of the old Cube FPS. Much like the original Cube, the aim of this game is fun, old school deathmatch gameplay and also to allow map/geometry editing to be done cooperatively in-game.

  • ArmA 3 & S.O.G. Prairie Fire DLC - Welcome to the Jungle II

Security Leftovers

  • Looking At The New "Critical" Security Firmware Update Hitting Systems - Delivers New Intel Microcode - Phoronix

    Earlier this week the Linux Vendor Firmware Service began surging with activity following many new system firmware files being uploaded for what appears to be a "high severity upcoming security issue" but currently undisclosed. That issue hasn't been made public yet, but after poking around it is updating the Intel CPU microcode. After that earlier article, Red Hat's Richard Hughes who is the lead LVFS/fwupd lead developer commented that they shipped more than 156,000 firmware updates to end-users in a single day. The day after they were still at around twice their usual volume. For hardware with LVFS support for firmware updates, it's been a busy week but that only covers a small portion of the hardware out there.

  • Security updates for Friday [LWN.net]

    Security updates have been issued by Debian (aide, flatpak, kernel, libspf2, and usbview), Fedora (kernel, libreswan, nodejs, texlive-base, and wireshark), openSUSE (aide, cryptsetup, grafana, permissions, rust1.56, and stb), SUSE (aide, apache2, cryptsetup, grafana, permissions, rust1.56, and webkit2gtk3), and Ubuntu (aide, thunderbird, and usbview).

  • Rust 1.58.1 released

    Anybody who upgraded to the recent Rust 1.58.0 release will probably want to move on to Rust 1.58.1; among other things it contains a fix for a security vulnerability in the standard library. "We recommend all users to update their toolchain immediately and rebuild their programs with the updated compiler".

  • Reproducible Builds (diffoscope): diffoscope 201 released

    The diffoscope maintainers are pleased to announce the release of diffoscope version 201. This version includes the following changes:

    [ Chris Lamb ]
    * If the debian.deb822 module raises any exception on import, re-raise it as
      an ImportError instead. This should fix diffoscope on some Fedora systems.
      Thanks to Mattia Rizzolo for suggesting this particular solution.
      (Closes: reproducible-builds/diffoscope#300)
    
    [ Zbigniew Jędrzejewski-Szmek ]
    * Fix json detection with file-5.41-3.fc36.x86_64.