In my research to decide on my next Linux server distro I came upon two cool facts:
Thanks to my good friends at UF for this cool information.
Looking for more news on Ubuntu in one place? The website http://voices.canonical.com/ is a comprehensive blog that compiles posts from Canonical projects and Ubuntu members into one place. If you like RSS feeds like me this is the way to keep up with what’s going on. If you want a more technical view of Ubuntu or any Canonical project you should head to https://lists.ubuntu.com and sign up for the project you are interested in.
It appears this site has just started aggregating the different blogs of Ubuntu into one site.
Quoted from: http://slgeorge.wordpress.com/2010/01/29/canonical-conversations/
Want to know Canonical’s secret business plan? Or find out the latest features we’re working on in Ubuntu or UbuntuOne? Then hop over to the Canonical Voices site. It’s a blog aggregator that provides a single location for Canonical employees to blog and engage with the wider world.
I can’t promise that I’ll be any better at blogging regularly, I’ve already broken quite a few promises and resolutions on that front! Nonetheless, I’ve started aggregating posts about Ubuntu, Linux and Canonical over to the Voices site. Please check it out and become part of the conversation!
I’m trying to decide which OS will be better for my media server. I have little experience with CentOS or any Red-Hat based linux system. I have a few questions:
I have an IDS running on CentOS right now that I enjoy working on except for the different file placement. So I’m off to further research CentOS and if you have any thoughts let me know.
Graphic provided by Another Ubuntu Blogspot.
I made this my wallpaper. Don’t forget Alpha 1 will release in five days so get ready to start testing.
Looking for a good firewall for your Ubuntu server or desktop?
Uncomplicated Firewall (ufw) is a simple and easy to use firewall that comes already installed in Ubuntu server and desktop versions beginning with 8.04. UFW is a front-end to iptables, which is highly configurable itself, but can be such a pain to learn how to use. Since the introduction in 8.04, the following features have been added making UFW even more useful:
| Feature | 8.04 LTS | 8.10 | 9.04 | 9.10 |
| default incoming policy (allow/deny) | yes | yes | yes | yes |
| allow/deny incoming rules | yes | yes | yes | yes |
| ipv6 | yes | yes | yes | yes |
| status | yes | yes | yes | yes |
| logging (on/off) | yes | yes | yes | yes |
| extensible framework | yes | yes | yes | yes |
| application integration | – | yes | yes | yes |
| limit incoming rules (rate limiting) | – | yes | yes | yes |
| multiport incoming rules | – | yes | yes | yes |
| debconf/preseeding | – | – | yes | yes |
| default incoming policy (reject) | – | – | yes | yes |
| reject incoming rules | – | – | yes | yes |
| rule insertion | – | – | yes | yes |
| log levels | – | – | yes | yes |
| per rule logging | – | – | yes | yes |
| outgoing filtering (on par with incoming) | – | – | – | yes |
| filtering by interface | – | – | – | yes |
| bash completion | – | – | – | yes |
UFW does not have a graphical user interface (gui), but the commands are very simple to use. To use UFW if your running the desktop version of Ubuntu simply open a terminal. The terminal can be found at Applications menu -> Accessories -> Terminal.
To enable the UFW run
sudo ufw enable
In the security world deny by default is normal policy. To enable this policy simply run
sudo default deny
Then simply disable and re-enable the firewall for this policy to take effect
sudo ufw disable
sudo ufw enable
All incoming connections to your server or desktop will be denied. I use UFW on both my server and desktop. Linux is built with security in mind, but having an extra layer never hurts.
For more information on UFW check out the wiki HERE.
I recently took on the task of rebuilding my IDS for my home network. In the past I have used EasyIDS, which is a web-based Snort, BASE, and NTOP package pre-built on a CentOS Linux distro. EasyIDS is a great product and I recommend it to any small business or home network user. The time came though when I needed to consolidate all of my intrusion software onto one machine and so I decided to compile all of the programs myself.
The following programs I decided to use in my IDS:
OSSEC (server)
I’m not going to do a walk-through of the installation process. The Snort web site has a fairly good installation pdf for a debian based system HERE. For the OS I used Ubuntu 8.04.3 LTS Server Edition. You’ll have to make some changes since this document is a few years old. I had to change the snort.log filenames to snort.unified, I used the documentation from Ubuntu on turning on Apache SSL, and I looked for the newest version of dependencies needed.
If you decide to build your own IDS, I can’t stress enough the word DEPENDECIES. Dependecies was my biggest problem and increased the install time to ridiculous levels, but that was user error. If you take the time to read the documentation for the above programs installation will be much smoother. A bit of a warning though is that installing all of these programs is lengthy. I installed Snort and BASE in one session (4 hours) and the others in another session.
Successfully installing these programs and watching them work is such a reward. Not only did I learn how Snort and BASE work and work together, I now understand a little bit more about Linux itself.
Recent Comments