Linux Mint - Free and powerful

Saturday, 27 February 2016

Hacker explains how he put backdoor on Linux Mint downloads » TechWorm



Hundreds of Linux machines backdoored, as the hacker’s botnet is still operational

In our previous article, we had reported how the Linux Mint website was hacked that tricked users into downloading a fake Linux Mint ISO with a backdoor.
Well now, in an encrypted chat on Sunday, the person responsible for the hack, who goes by the name “Peace,” told ZDNet that a “few hundred” Linux Mint installs were under their control, which turns out to be a substantial portion of the thousand-plus downloads during the day.
Peace also went on to state that a complete copy of the site’s forum was stolen by him twice: the first one on January 28, and the second one which was the most recent on February 18, just two days before the hack was established.
The hack affected not only the forum usernames, but also passwords (encrypted), email addresses, birthdates, profile pictures, any information in the signature and any information posted on forums, including private messages and private topics. The hacker claims to have cracked some of the passwords already with many more to be cracked in the pipeline. (It’s assumed that the site used PHPass to hash the passwords, which can be cracked.)
Clement Lefebvre, leader of the Linux Mint project confirmed on Sunday that the forum had been breached. He said “It was confirmed that the forums database was compromised during the attack led against us yesterday and that the attackers acquired a copy of it. If you have an account on forums.linuxmint.com, please change your password on all sensitive websites as soon as possible.”
In fact, the hacker had put the forum database (Linuxmint.com shell, php mailer, and full forum dump) on a dark web marketplace for sale for a meagre amount of $85 (about 0.197 bitcoin).
Confirming that the listing was theirs, Peace said jokingly, “Well, I need $85.”
On Sunday, it was announced that about 71,000 accounts (which is less than half of all accounts included in the database) were loaded into breach notification site HaveIBeenPwned. If you think you may have been affected by the breach, you can search its database for your email address.
While Peace said that they lived in Europe and had no association to hacking groups, he refused to provide information such as their name, age, or gender.
In January, Peace was “just poking around” the site when they discovered a vulnerability that allowed them to access it without any authorization. (The hacker also mentioned that they had credentials to log in to the site’s admin panel as Lefebvre, however, was hesitant to describe how it turned out to be useful again.) The hacker then on Saturday swapped one of the 64-bit Linux distribution images (ISO) with one that was modified by adding a backdoor, and afterwards made a decision to “replace all mirrors” for every downloadable version of Linux on the site with a modified version of their own.
The hacker said that as the code is open-source, the backdoored version is not that hard as one would think. It just took them just a few hours to repack a Linux version that contained the backdoor.
The files were then uploaded to a file server situated in Bulgaria by the hacker, which took the longest “because of slow bandwidth.”
The best way to get users to download the backdoored version on the website is by changing the checksum (used to authenticate the reliability of a file) on the website with the checksum of the backdoored version.
The hacker said, “Who the f**k checks those anyway?”
Known to work alone, the hacker in the past has provided private exploit services for known susceptibilities services on private marketplace sites that they are connected to.
The first hacking episode began in late January, but increased when they “started spreading the backdoored images early morning [Saturday],” the hacker said.
Hacker explains how he put backdoor on Linux Mint downloads » TechWorm: "HaveIBeenPwned"



'via Blog this'

Wednesday, 24 February 2016

Get it | Shashlik






Get it


Current Version: 0.9.1

Note that the current version is tested to work within a KDE Plasma 5 environment. In other environments, it could work but is not tested yb the developers.
If you have compiled packages for latest Shashlik or know where to find such, please let us know in the comments and we link to it above.
Report any issues on github here: https://github.com/shashlik/shashlik-build/issues
Get it | Shashlik:



'via Blog this'

Tuesday, 2 February 2016

How to Join Ubuntu 15.10 Desktop to Active directory using Realmd | Ubuntu Geek



This tutorial will explain How to Join Ubuntu 15.10 to Active directory using Realmd.Active Directory (AD) is a directory service that Microsoft developed for Windows domain networks and is included in most Windows Server operating systems as a set of processes and services.An AD domain controller authenticates and authorizes all users and computers in a Windows domain type network—assigning and enforcing security policies for all computers and installing or updating software.


Preparing your system
Need to install all the required packages using the following command
sudo apt-get install realmd sssd sssd-tools samba-common krb5-user packagekit samba-common-bin samba-libs adcli ntp
During installation of krb5-user, it will prompt you for the default Kerberos realm. This should be your domain in all caps. Example: LOCALDOMAIN.XX
Now, go ahead and get a valid kerberos ticket for your AD admin: kinit DomainAdmin@LOCALDOMAIN.XX
Configuring realmd
You need to edit /etc/realmd.conf
sudo vi /etc/realmd.conf
Change the following option
[service]
automatic-install = no
Save and exit the file
Configuring sssd.conf file
First you need to change the sssd.confile using the following command
sudo chmod 0600 /etc/sssd/sssd.conf
Now edit the file using the following command
sudo /etc/sssd/sssd.conf
add the following lines
[nss]
filter_groups = root
filter_users = root
reconnection_retries = 3
[pam]
reconnection_retries = 3
Comment out the following line
use_fully_qualified_names = True
to
#use_fully_qualified_names = True
Save and exit the file
Join in unattended mode with new user principal using the following command
realm –-verbose join localdomain.xx –-user-principal=myubuntuserver/DomainAdmin@LOCALDOMAIN.XX –-unattended
Reboot your server. You should now be able to id a domain user as follows: id LOCALDOMAIN\\myuser
You can now su to a domain user: su myuser@localdomain
You can add the NTP servers to sync with your domain controller in /etc/ntp.conf


How to Join Ubuntu 15.10 Desktop to Active directory using Realmd | Ubuntu Geek:



'via Blog this'

Sunday, 31 January 2016

1. Practical Linux Power Server - Intro


Practical Linux Power Server - Intro

In this series of  guides I will show you how you can re-purpose a general workstation as a powerful yet easy to use server with a useful GUI.

The aim of this series is to create easy to follow mini guides that you can access from a browser while installing and customising your Practical Linux Power Server (PLPS).

This is how I do it. It works for me. It may not be the best approach for you. 
Your Mileage My Vary! -  YMMV!

The structure of the guides.

  1. General Information on Linux - Hints, Tips and cool things.
    1. 20 things to do after installing Linux Mint
  2. Hardware including peripherals.
    1. IBM
    2. Generic
    3. SCP
    4. Low Memory? Use a swap file
  3. Operating system installation.
    1. Encrypted file-systems
    2. Two form factor encryption
  4. Operating system customisation.
  5. Operating system security.
  6. Base applications and configurations.
    1. Restoring applications using dselect
  7. Web applications.
  8. Database applications.
  9. Commercial  applications.
  10. Penetration security.
  11. System monitoring.
  12. Backup and recovery.
    1. Switching desktops or recovering your desktop

Please be patient as this is work in progress and subject to change according to my whims. Content will follow soon. :-)


aptitude -F '%p' search ' !~i' 

About me.

Monday, 4 January 2016

Web Server Setup for WordPress on Raspberry Pi

First published on: 1-9-2014

Web Server Setup for WordPress on Raspberry Pi

Pooja Juyal

WordPress is a PHP and MySQL based open source blogging platform and content management system. It is a popular blogging system and includes features like threaded comments, galleries, revision histories, trash, custom post types, thousands of themes, widgets and plug-ins. This article describes the setting up of a web server for WordPress on Raspberry Pi.
Apache web server installation 
Apache, a web server application notable for playing a key role in the initial growth of the World Wide Web, is used to serve web pages. Follow the procedure given below to install it on Raspberry Pi.

1. Install apache2 package by executing the following command (also see Fig. 1):

 
  Fig. 1: Installing apache2 package

$ sudo apt-get install apache2 –y

2. After this installation, Apache sever will be running. Thereafter you can start or stop it by running the following commands (also see Figs 2 and 3):

  
   Fig. 2: Starting Apache server

  
  Fig. 3: Stopping Apache server


$ sudo service apache2 start
$ sudo service apache2 stop
3. Apache server by default creates a test HTML file in web folder. This can be served when http://localhost/ is browsed on the Raspberry Pi or http://192.168.2.104 (IP address of the Raspberry Pi in our case, but can be different in your case) from any other computer on the network.

Browse the default web page and you will see the message shown in Fig. 4 appear on the screen.

 
 Fig. 4: Browser default HTML page

4. Change the default web page as per your requirement. The default web page is an HTML file on the file system and is located at /var/www/index.html. Execute the following command on terminal to navigate and have a look on the file:

$ cd /var/www
$ ls -al


You will see the following:

total 12
drwxr-xr-x 2 root root 4096 Mar 2
03:15 .
drwxr-xr-x 12 root root 4096 Mar 2
03:15 ..
-rw-r--r-- 1 root root 177 Mar 2
03:16 index.html


This shows that there is one file called index.html in /var/www/. The ‘.’ (dot) at the end of line 2 refers to the directory itself/var/www/ and the ‘..’ at the end of line 3 refers to the parent directory /var/.

Meaning of each column in the previous file is:

1. File or directory permissions
2. Number of files in the directory (1 in case of a file)
3. User who owns directory or file
4. Group which owns the directory or file
5. File size
6. Date and time of last modification

In order to edit the directory and file, you should log in as root user. Edit the index.html file using either of the following commands.

$ sudo chown pi: index.html
$ sudo nano index.html
Try editing/changing this file and refreshing the browser to see the web page changes.

Next step is to install PHP and MYSQL, which are used to create your own site and publish your own content dynamically, without knowing how to program those pages.

PHP installation

Install PHP by executing the following command (also see Fig. 5):

 
 Fig. 5: Installation of all PHP packages

$ sudo apt-get install php5 libap
ache-mod-php5 php5-intl php5-mcrypt
php5-curl php5-sqlite


To check whether PHP has been installed properly, move index.html file to index.php using following command (also see Fig. 6):

 
 Fig. 6: Moving index.html file to index.php file

$ sudo mv index.html index.php
Now edit the file:

$ sudo nano index.php

Put following text in index.php after opening the nano editor:

Save and then refresh the browser. You should see ‘hello world’ on your browser. This is served by the PHP and is not dynamic. So let us try something dynamic like displaying date and time by giving following command:

Or you can show the PHP info by giving following command:

Installing MYSQL database management system
Execute the following command to install MSQL (also see Fig. 7):

 
 Fig. 7: Installing MYSQL


$ sudo apt-get install mysql-
server mysql-client php5-mysql


Enter the password of your choice for the top-level MSQL user, who will be managing MSQL but is not root user of the Raspberry Pi operating system. Stop and start the apache2 server.  
  
WordPress download

Download WordPress by running wget command on the terminal. You can find the latest version at wordpress.org/latest.tar.gz and wordpress.org/latest.zip

Download the WordPress to /var/www/ location. You will have to empty the folder first. Now change the ownership of this folder to the Pi user using following command:

$ cd /var/www
$ chown pi:
$ rm *
$ wget http://wordpress.org/
latest.
tar.gz


Or you can download it directly from the link mentioned below:

http://wordpress.org/latest.
tar.gz
Extract the tarball using following command:

$ tar xzf wordpress-3.9.1.tar.gz


Move the contents of folder to the current directory.

$ sudo mv wordpress/*

Remove the folder (which is now empty) and tarball to tidy up.

$ sudo rm -rf wordpress-3.9.1.tar.gz

To see the content of the WordPress project, run the ls or tree-L1 command. You will see the project as given below. It is the source of a default WordPress installation.

├── index.php
├── license.txt
├── readme.html
├── wp-activate.php
├── wp-admin
├── wp-blog-header.php
├── wp-comments-post.php
├── wp-config-sample.php
├── wp-content
├── wp-cron.php
├── wp-includes
├── wp-links-opml.php
├── wp-load.php
├── wp-login.php
├── wp-mail.php
├── wp-settings.php
├── wp-signup.php
├── wp-trackback.php
└── xmlrpc.php

The files for editing to customise installation is in the ‘wp-content’ folder.

Setting up WordPress database
To set up WordPress site, you will require a database such as MYSQL.

Run the mysql command in the terminal and provide the login credentials (username is ‘root’ and password is ‘password’) as given below:

$ mysql -uroot –ppassword
Create the database that the WordPress installation will use:

$ mysql> create database wordpress;

Do not miss the semi-colon at the end of the statement. After creating the database, you should see the following message:

Query OK, 1 row affected (0.00 sec)
Exit MySQL using Ctrl + D keys.

WordPress configuration
To access the Raspberry Pi in the browser, navigate to http://192.168.2.104 (IP address of your Raspberry Pi). In case you do not know the IP, check it by running the command hostname–I on the terminal.

You should see the error page; this is good! Click the button marked as ‘Create a Configuration File’ followed by ‘Let’s go!’ button on the next page.

Now, fill basic site information as mentioned below:

Database Name: wordpress
User Name: root
Password: 

Database Host: localhost
Table Prefix: wp_


Upon successful database connection, you will get the contents of your wp-config.php file as shown in Fig. 8.

 
 Fig. 8: The wp-config.php file page

Copy this text. Then return to the Pi terminal and open the nano editor by running the command nano wp-config.php. Paste the copied text into the blank wp-config.php file. Save this file and exit the nano editor. Then come back to Fig. 8 and hit ‘Run the install’ button.

You should see a ‘Welcome’ screen as shown in Fig. 9. Fill in the required information shown in this window.

 
 Fig. 9: Welcome screen on WordPress

Now, you will get your web page on the screen. The web page with customised theme is shown in Fig. 10.

 
 Fig. 10: WordPress hosted on Raspberry Pi

If you want to do some changes in your web page, write the IP address on the address bar as given below (also shown in Fig. 11):

  
  Fig. 11: Entering IP address for making changes

192.168.2.104/wp-admin
A window will open on the screen for entering your username and password as shown in Fig. 12. Fill the information, give a title to your site and create username and password.
You can make changes in your web page from the admin web page as shown in Fig. 13.
 
 Fig. 12: Entering username and password 

 
  Fig. 13: Admin page to make changes on your web page 


The author is working as assistant manager at Samtel Avionics Ltd 


Web Server Setup for WordPress on Raspberry Pi:



'via Blog this'

Tuesday, 29 December 2015

Install WebERP On Ubuntu 15.10 Server | Ubuntu Geek





webERP is a complete web based accounting and business management system that requires only a web-browser and pdf reader to use. It has a wide range of features suitable for many businesses particularly distributed businesses in wholesale, distribution and manufacturing. When combined with a 3rd party interactive desktop Point Of Sale system it can also form the hub of a dispersed multi-branch retail management system. A fully integrated webSHOP is also available as a 3rd party add-on. webERP is as an open-source application and is available as a free download to use with all the PHP code written in an accessible way for you to add your own features as needed.


WebERP Features
Entirely web-based
Sales Orders
Accounts Receivable
Purchase Orders
Accounts Payable
General Ledger
Contract Costing
Shipment Costing
MRP
Multi-Currency -- auto updated exchange rates
Standard Costing
Weighted Average Costing
Multi-Inventory Location
Multiple Invoice Taxes
Serial Numbered Inventory and Lot Tracking
Fixed Asset Register
Manufacturing
Multi-level Bills of Material
Ghost Bills
Kitsets and Assemblies
Expense Claims
Sales Analysis
Multi-Language -- utf8 support
PDF reports
Readable PHP code so allowing business people to understand scripts
Low foot-print, fast, simple code
First you need to make sure you have Ubuntu 15.10 LAMP server installed.
Preparing your server
Make sure you have installed the following package
sudo apt-get install php5-gd
After the above command you need to restart the apache2 service
sudo service apache2 restart
Install WebERP On Ubuntu 15.10 Server
Download the latest WebERP package from here to /var/www/html/
cd /var/www/html/
Unzip the webERP zip file and you should have webERP directory
unzip webERP_4.12.3.zip
Change permissions
sudo chmod -R 755 webERP
Now you need to go to http://serverip/webERP/
You should see similar to the following screen select your language and click on NEXT STEP
1
Enter Database Settings and click on NEXT STEP
2
Select time zone and adminpassword and click on INSTALL
3
After completing the installation you should see login screen and here enter the login details click on login
4
5
You can check the webERP manual and familiar with the product.
Install WebERP On Ubuntu 15.10 Server | Ubuntu Geek:



'via Blog this'

Monday, 21 December 2015

Ubuntu Fails To Reach 200 Million Users By End 2015 Goal | Lowyat.NET



ubuntu-logo14
Four years ago, Mark Shuttleworth, founder of Ubuntu OS, said that the operating system would reach 200 million users by 2015. Sadly, four years is almost up and it seems like Ubuntu’s goals were unfortunately overestimated. Ubuntu is a Linux distribution which is catered for smartphones and personal computers. The 200 million users goal is so far-fetched that currently, Ubuntu on has around tens of millions of users. What makes it more saddening is the fact that it is hard to even get an accurate sales figure of Ubuntu because it is rarely distributed along with marketed products. Even Canonical, Ubuntu’s parent company, has a difficult time releasing official stats about the operating system.
meizu-mx4-ubuntu-1
However, unofficial estimates said that Ubuntu hasn’t even surpass the 100 million mark. This includes desktop and smartphone installations. Fortunately, all hope is not lost for Ubuntu: this year, we saw the release of Ubuntu Touch, which has been included on a special variant of the Meizu MX4.
In addition to that, Ubuntu is currently shifting its focus on the smartphone market and IoT (Internet of Things). This shift might just be the catalyst Ubuntu needs to achieve the already due goals it has set four years ago. Better late than never.
(Source: Phoronix via Neowin)


Ubuntu Fails To Reach 200 Million Users By End 2015 Goal | Lowyat.NET:



'via Blog this'

Wednesday, 16 December 2015

How to Set Up a Real Time Business Statistics Dashboard - Envato Tuts+ Computer Skills Tutorial



Successful business people know that measuring performance is the key to growth and success.  If you can not measure the outcomes of your business decisions then you really don't have an adequate grasp of the direction in which your business is going. 
Measuring income, turnover, expenditure, return on investment and profitability is something that every business does, but those are often information snapshots of last month, last quarter or last year.  It's not real time information.
With the growth and development of the Internet, huge strides in information sharing have become possible.  In real time, too!
An example Geckoboard dashboard (shown here with example data)
This tutorial will show you how to set up your own inexpensive business dashboard that is capable of displaying and updating information drawn from many different sources, in real time.
This allows you to monitor the performance of whatever you choose to measure.  You can then place a dedicated screen in your office to keep abreast of the stats.
A Geckoboard dashboard running from a Raspberry Pi. Note the small white box beneath display.
For the purposes of this project, I have used:
  • Raspberry Pi
  • Power supply with micro-USB connection
  • Raspberry Pi case
  • SD card
  • Widescreen monitor
  • An empty Amazon box on which to stand the monitor
  • Appropriate cable to connect RPi to monitor
  • Cat5E Network cable
  • Geckoboard account
The total cost of these components is around £125 (US$210), but you can set this up for less if you already have some spare components needing a project. 
I have chosen to use a Raspberry Pi, for this project, for a number of reasons.  
First and foremost, it's a great way to support an innovative British business by putting an inexpensive computer to a productive task.  To me, this makes so much more sense than using a dedicated PC, as the PC is likely to be much more powerful than the Pi. 
Of course, that also means that using a Raspberry Pi, rather than a PC, means that the project is going to be much more energy efficient given that a Pi draws so little power compared to a PC.
If I needed to convince myself further, the diminutive form factor of the Raspberry Pi means that it can be secured the the back of the monitor or secreted out of view, elsewhere, without taking up lots of space.
Format an SD card and install Raspian.  You can do this easily by installing NOOBS which enables you to set up any one of a number of operating systems, including Raspian.  
If you need guidance to do this, refer to the How to Install NOOBS on a Raspberry Pi With a Mac tutorial. 
Installing Chromium on a Raspberry Pi
Once Raspian has been installed, the next step is to install Google's Chromium web browser.  I have chosen this for the way that it renders we pages, the way it can be scaled and the fact that it shows little in the way of borders or scroll bars when full screen mode is enabled.
There is no need to open the graphical user interface (GUI), of your Pi, as it's the command line interface (CLI) that we require to install chromium.  To install Chromium, execute the following commands in the CLI. 
Operating the default Raspian installation will see the video output put to sleep after short period of time.  This defeats the purpose of the project as I want to be able to have the display running all the time.  
Installing Xscreensaver on a Raspberry Pi
Whilst it is possible to move the mouse, or press a key on the keyboard, that is awkward to have to do and it's impractical as I intend to run the Pi without a keyboard or mouse plugged in. 
For this reason, I need a way to keep the video output alive.  I achieve this by installing a piece of software called Xscreensaver. To do this, enter the following commands in the CLI:
This installs the Xscreensaver software which is accessible through Start > Preferences > Xscreensaver within the GUI. 
In order to display my business statistics I need a dashboard.  There are a number of dashboard services available.  For the purposes of this tutorial, I am using Geckoboard.  You can get a 30-day free trial of Geckoboard, but you should determine which service fits your needs best.
For this part of the tutorial I recommend that you use your usual Mac, Linux machine or Windows PC, as trying to achieve this on the Raspberry Pi will be a time-consuming affair.
Selecting widgets in Geckoboard
In respect of Geckoboard, you first need to connect your services.  Services are things like Google Analytics, Trello, Twitter, Pingdom, Bitly and many, many more.
Fortunately, setting up a new service is as simple as selecting a widget.  If the service has not already been configured, you will be given the opportunity to connect the new service.
Configuring widgets in Geckoboard
Configuring widgets is a straightforward process that is administered through a web-browser.  Remember, this will be quicker set up from your Mac rather than trying to do it on the Raspberry Pi.
  • Log into your Geckoboard account and click Add Widget to show a list of the services that you can connect.  
  • Scroll down the list and select Google Analytics, for instance.  
  • Select a widget to configure.  In this example I have gone for Visits.
  • When you have finished entering the required criteria, click Add Widget to add it to your Geckoboard dashboard.
Note, you can reorder the widgets by dragging them around the dashboard within the browser edit view.
Enabling the Raspberry Pi to load the GUI on each boot
Once the Raspberry Pi is up and running with the dashboard, there should be no need to power off either device.  
If you prefer, you can have the Raspberry Pi start in the Raspian GUI, rather than the CLI.  This is achieved with Enable Boot to Desktop.
To configure Enable Boot to Desktop you need to be on the command line, either through just having booted the device or through LXTerminal if you are already in the GUI.
Enter the command:
Select 3 Enable Boot to Desktop/Scratch then Desktop Log in as user 'pi' at the graphical desktop.
When done, press Tab or Right Arrow twice and select <Finish>
In the event of a power failure, or other reason, it would be great to have the Raspberry Pi reboot straight into a full screen Chromium displaying the dashboard.  
Adding Chromium kiosk mode
This can be done by editing a file called .bashrc in the /home/pi directory.  
  • Enter the following command to open a file editor
The procedure to display the dashboard, now, is straightforward:
  • Ensure that there is a connection to your local area network and the wider internet
  • Ensure that the Raspberry Pi is connected to a keyboard and mouse (these can be removed, later)
  • Ensuring that the Raspberry Pi is connected to the display, power on both devices
  • If you do not have Enable Boot to Desktop configured, launch the Raspian GUI 
  • Once in the GUI, Launch the Chromium web browser
  • Enter the public-facing URL to display the Geckoboard dashboard in the browser (Obtain this URL from the Geckoboard admin panel)
  • Bookmark the URL
  • When the dashboard is fully display, press F11 on the keyboard to maximise Chromium to display in the full size of the monitor
  • If required, unplug the keyboard and mouse from the Raspberry Pi
In this tutorial I have shown you how to set up a dashboard of statistics running from a low-power Raspberry Pi.
Sit back and enjoy having all sorts of important data constantly displayed on a Geckoboard dashboard running from a Raspberry Pi.


How to Set Up a Real Time Business Statistics Dashboard - Envato Tuts+ Computer Skills Tutorial:



'via Blog this'

Total Pageviews

Google+ Followers

Pages

Blog Archive

Popular Posts

Recent Comments

Rays Twitter feed

Ads

Web sites come and go and information is lost and therefore some pages are archived. @rayd123. Powered by Blogger.