"Everything that is really great and inspiring is created by the individual who can labor in freedom." -- Albert Einstein

Sunday, October 26, 2008

Icewm -- With an Identity crisis


Someone kept telling me "but... Linux isn't Windows.... " So, I fixed their little red wagon. It may not BE Windows, but Linux sure can LOOK like Windows.......... of course, it doesn't have those BSOD and it runs faster, but hey, nothin's perfect. :) :)

Done using Icewm, a theme, and a background image. Looks pretty good. I set this up on an underpowered machine that KDE 4.1 was choking down to a crawl... XP barely ran on it, and Vista wouldn't boot, I'm sure. Linux with Icewm is very responsive, and much faster than KDE 4.1 had been. Was a fun 1/2 hour.

Saturday, August 2, 2008

Arch Linux and KDE 4.1





I use KDE for my default WM. Yeah yea yea, I know, it's NOT geeky enough. I like it though, and Arch Linux moved KDE 4.1 from testing and it is now downloaded and installed on all my computers. A lot of cool new stuff in KDE 4.1. I applaud the Arch Linux devs and the KDE team.

If you haven't tried KDE 4.1 yet..... you should. It's pretty cool :)

Wednesday, July 23, 2008

Why you should change your ssh default port.

Thought some of you might find this interesting. No one gets in, but it's funny how just changing the port number on ssh will stop 99.99% of the stupid attacks (some random bot repeatedly attempting to gain access). Several other things SHOULD be changed in the ssh config file also, not just the port number, but this one provides the most eye-opening reasons to be secure.

Installed server on Jul 17th ..... less than 5 days later, well, you get the idea.
wtmp begins Thu Jul 17 21:57:08 2008

[root@VistaCrusher1 ~]# lastb | wc -l
25349


For the less command line oriented peeps, that means I had 25,349 attempts to breach my machine via the ssh login. Bad logins recorded, along with IPs and other cool stuff.
Needless to say, I'll go change that shortly, along with several other security precautions. I just wanted to see how many hits I'd get in 5 days. That, and I wanted to see who came back.

Imagine that.....

[root@VistaCrusher1 ~]# lastb | grep 125.164.202.240
clamav ssh:notty 125.164.202.240 Mon Jul 21 16:40 - 16:40 (00:00)
clamav ssh:notty 125.164.202.240 Mon Jul 21 16:39 - 16:39 (00:00)


Someone is STILL trying.

Here is a list of WHO tried.

[root@VistaCrusher1 ~]# lastb | awk '{print $3}' | sort --unique



As someone mentioned to me on the Archlinux forums, iptables can be used to help prevent this as well.



### START SECURITY RULES ###
# Don't limit SSH from known addresses
# xxx.xxx.xxx.xxx
iptables -A forwarding_wan -p tcp --dport 22 -s xxx.xxx.xxx.xxx -j ACCEPT

# SSH rate limiting from unknown IP addresses
# Allow 2 chances in 10 minutes to connect, drop after that
iptables -A forwarding_wan -p tcp --dport 22 -m state --state NEW -m recent --set
iptables -A forwarding_wan -p tcp --dport 22 -m state --state NEW -m recent --update --seconds 600 --hitcount 3 -j DROP
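
An added example (not part of the original post) that extends the `lastb | wc -l` and `lastb | awk '{print $3}'` one-liners above: it skips the blank line and the `btmp begins` trailer that both one-liners count, labels failures with no host column as local, and ranks sources by number of attempts. The function names and the sample records (documentation-range addresses) are constructed for illustration.

```shell
#!/bin/sh
# Added example, not from the original post. Sample data is constructed.

# Constructed lastb-style output: 5 records, a blank line, and the trailer.
sample_lastb() {
    cat <<'EOF'
clamav   ssh:notty    203.0.113.7      Mon Jul 21 16:40 - 16:40  (00:00)
clamav   ssh:notty    203.0.113.7      Mon Jul 21 16:39 - 16:39  (00:00)
root     ssh:notty    198.51.100.23    Mon Jul 21 16:01 - 16:01  (00:00)
admin    ssh:notty    203.0.113.7      Mon Jul 21 15:58 - 15:58  (00:00)
dave     tty1                          Sun Jul 20 09:12 - 09:12  (00:00)

btmp begins Thu Jul 17 21:57:08 2008
EOF
}

# Reduce lastb-style records on stdin to one source per line.
sources() {
    awk '
        NF == 0        { next }   # blank separator line
        $2 == "begins" { next }   # "btmp begins ..." trailer, not a login
        # No host column (local tty failure): field 3 is the weekday.
        $3 ~ /^(Mon|Tue|Wed|Thu|Fri|Sat|Sun)$/ { print "local"; next }
        { print $3 }
    '
}

# Number of real failed-login records on stdin.
count_attempts() { sources | wc -l | tr -d ' '; }

# "<count> <source>" lines, busiest source first.
tally_sources() {
    sources | sort | uniq -c | awk '{ print $1, $2 }' | sort -k1,1nr -k2,2
}

# Sources with at least $1 failed attempts.
repeat_offenders() {
    tally_sources | awk -v min="$1" '$1 >= min { print $2 }'
}

sample_lastb | tally_sources
```

On a live host, pipe `lastb -i` into these functions so the source column holds numeric addresses rather than truncated hostnames.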

Thursday, July 17, 2008

Status of LinuxTorrents.org

I have taken the site down completely as the TorrentTrader software that was running the site apparently had some serious flaws. I'm not sure what all this person got into on the server that was hosting LinuxTorrents.org, but it was enough to mess it up badly. I don't think I'm inclined to reload the software, or find new software at this time. I may come up with a different solution instead, or just forward it to LinuxTracker; I haven't decided.

I know WHERE the hack originated, because I KNOW I didn't have clamav on my server.

clamav     pts/1    125.164.202.240    Thu Jul 10    06:46 - 06:58     (00:12)

That was from the output of "last". In the end, I blame myself. I should have installed better software for the torrents. One solution I've debated on, while low-tech, is to just use apache and upload torrents into directories. To this day, it still amazes me that people go out of their way to destroy what someone else creates.

Wednesday, July 9, 2008

Review of O'Reilly School of Technology System Administration Certificate Course

by Dave Crouse


http://www.oreillyschool.com
http://www.oreillyschool.com/courses/system-administration.php
Quote:

Linux/Unix System Administration Certificate Series

This course series targets both beginning and intermediate Linux/Unix users who want to acquire advanced system administration skills, and to back those skills up with a Certificate from the University of Illinois.


I completed the Linux/Unix System Administration Certificate from The O'Reilly School of Technology several months ago. I am finally getting some free time to review the course. I must say I am really glad I took the course, and that even with over a decade of Linux experience, I did actually learn a few things. The course is actually set up for beginner to intermediate users. This doesn't mean that power users of Linux won't learn anything (I did learn a few new things), but if you're an advanced Linux user it would probably be more for review and the certificate to put on your resume than for learning new concepts. Beginners and intermediate users should expect to learn many new concepts and to do a lot of reading.

Let's start with the interface for the school. It's called "The Learning Sandbox". There are two basic parts to the sandbox: the "Mystuff" section that contains the coursework and materials, and the "Coderunner" section below, that has the editor/mysql/unix tabs. Let me state right off the bat, I didn't like the "Coderunner" section that much. This was probably the one area of the entire course that I didn't have much appreciation of, probably simply because I found logging in via ssh and using vi via my own Linux session was so much faster and easier than using the web based interface that they supplied. This interface is used for other courses, so it makes sense that it's available; it just wasn't something I needed to use to do the coursework. In fact, I don't think I used it more than once or twice during the entire course. Perhaps a person having to work from the Windows operating system might need that, I'm not sure.

The "Mystuff" section is used; it is in fact where you find the coursework and instructions. After logging into your account and clicking your "Mystuff" tab, you are presented with a screen that shows seven tabs: Files, Messages, Account, Course Work, Certificate, Forum, Main. Course Work is the tab that will get the biggest workout. Clicking that opens up the screen that allows you to get started.

Course 1: The Unix File System

This was by far the easiest of the courses. It covers basic shell commands, text editors, ssh, and cron. This section probably presents very little new material to an advanced user. Beginner and Intermediate users might find this material new, or a good refresher. This section, in my opinion, could have covered much more material, and had many more questions than it did.

Course 2: Networking and DNS

I "thought" I knew a lot about Networking and DNS; I've run my own bind server and have done a fair bit of networking. I found out most of the stuff I learned from the entire course series came from this section. The part that really threw me was the section on IP/subnets. This was just something I never really had to deal with, and forced me to dig into what I didn't know, and learn it. The course instructor was very helpful, and answered many emails promptly. This section I think many power Linux users would find challenging, and would probably benefit from.

Course 3: Unix Services

This section might be the most challenging for someone not familiar with a Linux system at all. In it you install servers from source and learn how to configure them. Not much of a challenge for the experienced System Administrator or a Linux guru, but definitely an eye opener for someone that's never done it. This is the section where you "Learn by Doing, and Doing and Doing ........ " I enjoyed this section. From a user's standpoint, this section probably had the best "flow", working from the basics to having an installed running apache/mysql/php system.

Course 4: Scripting for Administrators Sed, Awk, and Perl

This section I enjoyed the most. It gives the user an overview of Awk, Sed, and Perl. If you're not familiar with any of these, expect this section to take longer. I had to ask for clarification for one of the questions, and again, the instructor replied quickly via email.


My overall opinion of the course: it is worth taking. The instructors are extremely friendly and willing to help you. It may not present tons of new material for an experienced Linux user, but for an Intermediate user, it would be challenging. A few things I would change: I would add more questions to the courses, and cover much more material in the scripting sections. On a scale of one to ten, I'd give it an eight. Would I take more O'Reilly courses? Yes, I am planning on taking more. It was a thought provoking and enjoyable experience for me.

Tuesday, July 8, 2008

Recording a Desktop session using Linux


They say a picture is worth a thousand words; I'd hate to calculate what a video is worth then. The usefulness of this application is probably underrated. Let's say you wanted to show someone a complicated gimp procedure, but you can't show them in person, as you live on different continents. VNC would work, but if it's complicated, it would be nice to have the "instructions" saved as a video. So you could record it and send it via the web or on a cd/dvd, or perhaps you "could" vnc in and show them and they could use this app and record the entire process on their end, saving the huge download or delay in mail. Either way, recording the desktop session is a handy thing to do at times. Perhaps you just want to record your Beryl session and shove it in your buddy's face because he's still using that inferior OS.


Whatever your reasons for recording, perhaps the easiest way to record your desktop using Linux is a program called recordMyDesktop. Catchy name, isn't it ;) recordMyDesktop is actually just the command line program to record your desktop; there are 2 gui interfaces you can use with it to create a very simple way to record a desktop session. My example thegimp.ogg video shows me recording part of the desktop and playing with the gimp. Nothing spectacular, but gives you an idea of what it can do.



recordMyDesktop's homepage is http://recordmydesktop.iovar.org/about.php

From the webpage:

recordMyDesktop offers also the ability to record audio, along with video,
through ALSA, OSS or the JACK audio server.

Also,
recordMyDesktop produces files using only open formats
These are theora for video and vorbis for audio,
using the ogg container.



A user guide is also available here: http://recordmydesktop.iovar.org/rug/toc.php


This application makes it very easy to "record" digitally what you're doing ... say with the gimp, and shows visually how to do "X". One thing I noticed, you need to record at about 100% video quality, or it doesn't look good. At 100% video quality, it looks awesome and clear, but does create quite a large file. So, if you plan on making a gimp video tutorial (let me know if you do)... it might be easiest to distribute on DVDs instead of downloads. All in all, it's a great new (for me) addition to my library of graphic apps for Linux.


Installing the applications in my Arch system was extremely simple.




pacman -S recordmydesktop gtk-recordmydesktop qt-recordmydesktop




This installed the command line application and both GUIs for it. Ubuntu was as simple, using Synaptic and searching for those apps and installing them. Worked well on both distros. Give it a shot, I think you'll be impressed.