Category Archives: Seguridad

Terminate unresponsive programs on Ubuntu

1 Reply

Xkill is part of the X11 utilities pre-installed in Ubuntu and a tool for terminating misbehaving X clients or unresponsive programs. You can easily add a shortcut key to launch xkill with the steps below:
– Go to System > Preferences > Keyboard Shortcuts.
– Click the Add button to create a custom shortcut.
– Enter xkill to both the Name and Command boxes and click the Apply button.
– Click on Disabled at the xkill row in the Keyboard Shortcuts window (Disabled is then changed to New shortcut…).
– Press a new key combination, e.g. Ctrl+Alt+X (New shortcut… is then changed to Ctrl+Alt+X).
– Click the Close button.
Xkill is ready for use. Press the above key combination to turn the cursor to an X-sign, move the X-sign and drop it into a program interface to terminate the unresponsive program, or cancel the X-sign with a right-click. AddThis

Recovering root password under Linux with single user mode

1 Reply

It happens sometime that you can’t remember root password. On Linux, recovering root password can be done by booting Linux under a specific mode: single user mode.
This tutorial will show how to boot Linux in single user mode when using GRUB and finally how to change root password.
During normal usage, a Linux OS runs under runlevels between 2 and 5 which corresponds to various multi-user modes. Booting Linux under runlevel 1 will allow one to enter into a specific mode, single user mode. Under such a level, you directly get a root prompt. From there, changing root password is a piece of cake.
Some Linux distribution, such as Ubuntu for instance, offer a specific boot menu entry where it is stated “Recovery Mode” or “Single-User Mode“. If this is your case, selecting this menu entry will boot your machine into single user mode, you can carry on with the next part. If not, you might want to read this part.
Using GRUB, you can manually edit the proposed menu entry at boot time. To do so, when GRUB is presenting the menu list (you might need to press ESC first), follow those instructions:
– use the arrows to select the boot entry you want to modify.
– press e to edit the entry
– use the arrows to go to kernel line
– press e to edit this entry
– at the end of the line add the word: single
– press ESC to go back to the parent menu
– press b to boot this kernel
The kernel should be booting as usual (except for the graphical splash screen you might be used to), and you will finally get a root prompt (sh#).
Here we are, we have gained root access to the filesystem, let’s finally change the password.
As root, changing password does not ask for your old password, therefore running the command:
# passwd
will prompt you for your new password and will ask you to confirm it to make sure there is no typo.
That’s it, you can now reboot your box and gain root access again. AddThis mp3 link

System Recovery Tools: a possible cross-platform approach through open source and proprietary solutions

1 Reply

The following system recovery tools will be useful to you if you are facing problem of data loss or if your system is simply crashing. It is advisable to burn copies of these tools much before any disaster strikes.

Open Source and Free approach:

G4L aka Ghost for Linux is one of the system recovery tools that is mainly a cloning and hard disk and partition imaging tool. This tool is similar to “Norton Ghost”. The images created are compressed optionally and transferred to a FTP server instead of opting for cloning locally. Ideally, of the several tools described above it is advisable to use the most suitable tool for your needs. The tool that will be most useful during a crisis like a crash or server failure will be a better tool.

The Ultimate Boot CD is one of the system recovery tools which will be very helpful when you want to run CDRom-based diagnostic tools thereby consolidating as many diagnostic tools into one bootable CD as possible. Since you can now boot from USB memory devices a script you can run “Ultimate Boot CD” from USB memory stick and a script on the script on the CD will enable you to boot newer systems from your USB sticks. This is many steps ahead than many of the other recovery tools. Moreover it gives you the flexibility of booting your system with a USB memory stick.

Knoppix is one of the system recovery tools which is essentially a bootable CD with GNU/Linux software. It ensures automatic detection of hardware and supports a wide range of devices like sound cards, most of the graphic cards, USB and SCSI devices and other peripherals. It can be used as an educational CD, a Linux demo or for system recovery purposes. Alternatively it can be used as a commercial platform for software demos. There is no need to install anything on the hard-disk as the CD is capable of storing 2GB of software installed in it. Thus this tool is a truly multi-purpose recovery tool.

Proprietary solutions:

O&O Disk recovery: This software tool scans every portion of your hard-disk, digital camera or memory card for lost files. It is so effective and reliable that it is possible to reconstruct data even when files systems have been destroyed or formatted. More than 350 types of files like music formats, word documents, movie, graphics, Excel workbooks, photo and access databases can be recognized, reconstructed and restored.

SuperDuper is one of the system recovery tools makes recovery effortless as it creates a completely bootable backup effortlessly. The strengths of this software are that it is user-friendly, easy to use with a built-in scheduler that it makes backup automatically. Moreover it performs well independent of the processor that is both on Power PC Macs as well as Intel PCs. It is particularly useful when your software application with the latest update is not working or when your hard drive begins to make noise. It is also very handy when you want to restore a stable copy of your system though you do not want t lose your existing system files or cases like this. AddThis mp3 link

Some Linux security tips for Rootkit Hunter

1 Reply

If you run Rootkit Hunter and you haven’t modified your stock Red Hat configuration of the SSH service (sshd), chances are it will find that you allow root logins. Rootkit Hunter considers these as possible security risks. However, to fix this, you can simply login as root, fire up a text editor, and edit the file

/etc/ssh/sshd_config

Make the following changes:
You’ll find a commented line like this:
#Protocol 2,1
Uncomment it and change it to:
Protocol 2
This will disallow logins using the older versions of the protocol

Look for the commented line
#PermitRootLogin yes
Uncomment the line and change it so it reads:
PermitRootLogin no
This will configure sshd NOT to allow root logins.

After this, be sure to restart sshd (assuming you run the service in the first place so:
Service sshd restart

By the way Rootkit scanner is scanning tool to ensure you for about 99.9% you’re clean of nasty tools. This tool scans for rootkits, backdoors and local exploits.

AddThis mp3 link

Stay safe! Install Rootkit Hunter on Linux and FreeBSD

Leave a reply

Rootkit Hunter is a Unix-primarily based scanning tool that scans for rootkits, backdoors and possible local exploits. It does this by comparing SHA-1 hashes of vital files with known good ones in online database, looking for default directories (of rootkits), improper permissions, hidden records data, suspicious strings in kernel modules and particular tests for Linux or FreeBSD. Most instances rootkits are self-hiding toolkits utilized by blackhats, crackers and script kiddies, to keep away from the attention of the system admin. If you’re unsure  as to whether your system is compromised, you will get a second opinion from sources such as Linux-oriented forum. If your system is contaminated with a rootkit, cleaning it up will not be an option. Restoring can be not an option unless you might be expert, and have autonomous and an impartial means of verifying that the backup is clear, and does not include misconfigured or stale software. Never trust a potentially compromised machine! Basically a clean install of the OS is always advisable after backing up the system. AddThis mp3 link

BleachBit: a free, powerful software to increase your privacy on Ubuntu and Windows

5 Replies

Since the first release many thins has been changed on BleachBit. I perfectly remind its first version that I uninstalled because I didn’t feel comfortable with the possible disaster I could do on my Ubuntu computer. Now BleachBit is very different: more powerful and easy to use! This software can be used on Linux (in my test I used Ubuntu 10.04 LTS) and Windows. To install it on Ubuntu you have to use Synaptics ( System  —> Administration —> Synaptics) and search for bleachbit in the search bar. For the Windows installation please, download the .exe file and install it. After the installation on Ubuntu, open BleachBit going to Applications —> System Tools —> BleachBit. Now, you have a very understandable menu bar in the left side of your screen.  If you click on the main sub-menus you can automatically read some information about what every option will delete on tour PC. Moreover, if the delete options you choose are potentially dangerous, a pop up mini alert will inform you about the risks. We recommend to use the Preview option before bleaching your PS. In this way you can have a final picture of what you are doing and how many bytes are you deleting. On the preference menu you can decide to overwrite files to hide contents or to run BleachBit every time you start your computer. Last but not least, BleachBit supports many languages that you can select from Edit —> Preferences —> Languages. AddThis mp3 link

How to protect your profile and emails on Thunderbird 3 (Ubuntu and Windows instructions)

Leave a reply

On Thunderbird, the only way to be 99% sure nobody will read your emails is to save your profile on an encrypted folder (or disk partition) using e.g. TrueCrypt but if you are not concerned that you are under surveillance, you can simply use a quick and useful trick that allows Thunderbird to ask for the Master password every time you launch it.

In Ubuntu you have to follow two different steps. First of all, go to Edit —> Preferences —> Security —> Passwords and create your Master Password. Secondly, go to Edit —> Preferences —> Advanced —> Config Editor (click on “I’ll be careful, I promise”). Then in the filter bar, type password and change the parameter for mail.password_protect_local_cache to True. The next time you will launch Thunderbird nothing will be displayed (old and new emails) before you insert the correct Master Password.

If you are using Thunderbird on Windows you have to modify mail.password_protect_local_cache going to Tools —> Options —> Advanced —> Config Editor (click on “I’ll be careful, I promise”). Then, as for Ubuntu, in the filter bar type password and change the parameter for mail.password_protect_local_cache to True. AddThis mp3 link

I2P a real versatile anonymizing network for Linux and Windows

Leave a reply

This week for our Freeware Page, we tested I2P a freeware which let you to surf internet without revealing your IP and encrypt your data. As described on the I2P Homepage, this freeware is a “anonymizing network, offering a simple layer that identity-sensitive applications can use to securely communicate. All data is wrapped with several layers of encryption, and the network is both distributed and dynamic, with no trusted parties”. During out test we used bothXP and Ubuntu because I2P is a java file even is it seems to be a exe file and it could be used on all the Linux OS. On Windows XP it is very simple to use I2P but at the beginning it is really slow and for this reason we suggest to keep it run for about twelve hours because this freeware needs to build its own network and for this it takes some hours. When ready you have to setup all the software you want to filter through it. For this reason, we setted Firefox (Preferences-> Advanced -> Network -> Settings) Manual Proxy Configuration to HTTP Proxy as localhost, port 4444. Then we put a tick on “Use this proxy server for all protocols” and we finished indicating “No proxy for” as localhost, 127.0.0.1. After some seconds we discovered that our IP was now in the northern part of the France (far away from our real location). To setup I2P it is necessary to point Firefox on http://localhost:7657/index.jsp because, by default, I2P tries to launch Internet Explorer also when it works on Linux. After a week of tests we can say that I2P is a little bit slower than TOR but it can easily be integrated on your browser, mail client, chat and others programs. For our (limited) experience I2P is the most complete anonymizing network we know. To conclude, as already discussed also on this post none or nothing can create a perfectly anonymous software but I2P can help to better improve our privacy. Recommended! AddThis mp3 link

RepoGen: how to create and keep up-to-date your Software Sources on Ubuntu 8.04, 8.10, 9.04 and 9.10!

Leave a reply

This week, in our Linux Page (in Spanish) we added a post about a new fantastic online service to manage and add software sources to your Sources List (System – Administration – Software Sources). Adding the right repository sources in Ubuntu is essential for a more practical and fast management of your OS. In fact, using the correct sources list you can be sure that your system is always updated and safe. RepoGen has been created for all these reasons. It also automatically compiles all the necessary GPG keys and you have just to add them (one by one) running the suggested command in the Terminal. We tested RepoGen on two different PCs running both Ubuntu 8.04 & Ubuntu 9.04 and were able to update our Software Sources in less of 15 minutes and without discovering a single problem. To conclude we strongly believe that RepoGen is an online service that can help you to save a lot of time and keep your Ubuntu always up-to-date! Strongly recommended! AddThis mp3 link