Skip to main content

Posts

Showing posts from 2012

AMD Radeon™ HD 7670M on Ubuntu 12.04

Update:   Recently I install kubuntu 13.10 and there is no problem with graphics. It just works  fine out of the box. I've seen many blog posts on how to make AMD HD7670M work on Ubuntu 12.04, specially when its in switchable graphics board like Dell Inspiron 15R 5520. I tried many things to make it work so that I could use the cinnamon desktop on ubuntu & other things too.. But to my surprise even the drivers from AMD site didn't work. Then I tried a combination of those blog posts I read & somehow I became successful in running the full graphics including compiz settings inside My Ubuntu Machine. Following are the steps I followed & it worked... 1. Create a backup of your xorg configuration file: sudo cp /etc/X11/xorg.conf /etc/X11/xorg.conf.BAK 2. Remove/purge current fglrx and fglrx-amdcccle : sudo apt-get remove --purge fglrx* 3. Install the driver: sudo apt-get install fglrx fglrx-amdcccle 4. Install additional

Bash History without numbers...

The bash history command is very cool. I understand why it shows the line numbers, but sometimes we need only the commands & not the numbers e.g. when we need to copy & run the commands to another server or terminal then it gets quiet useful. When you run history , the output is similar to this: Now try running history | cut -c 8- , you'll get the this:   So this command is really useful in situations where you need to do repeated work on same or different servers & you don't have scripting knowledge. You can just copy & paste the commands.  Hope you enjoy reading this!

Hardening the Linux server - Part 5

<< Part 4 Hardening the Linux server - Part 5 Encryption Encryption  is the process of taking data stored on a computer and scrambling it in a manner that makes it unreadable to anyone who doesn't possess the key to re-create the data in its original form. Data that has been encrypted can be stored on the local computer, stored on a network share, or transmitted to other users and computers. It's possible to encrypt an entire hard disk or the partitions of the disk. This should be done at installation. You can also secure data through encryption by creating a directory and encrypting it. For example, if you've set up a file server, you may want to encrypt a directory that holds sensitive information. Before you go forward with protecting your data, you need to install eCryptfs from the Ubuntu repositories by typing # sudo aptitude install ecryptfs-utils Press  Enter , and type your root password. Encrypt a directory

Hardening the Linux server - Part 4

<< Part 3                                                                                   Part 5 >> Hardening the Linux server - Part 4 Monitor your system There is a saying in computer security circles that the only way to truly secure a computer is to completely disconnect it and lock it in a box. Not too practical, but the underlying message is that if an attacker really wants into a system, odds are they will find a way in. After you take steps toward intrusion prevention, you need to set up a monitoring system to detect whether an attack against your server has taken place. Then, if you're alerted to an attack, you're better prepared to deal with it early on. The following sections walk you through the steps of installing and configuring two programs that help to detect intrusions. Tripwire alerts you to unauthorized activity that takes place with system files on your server, and Logwatch is a tool that can be used to create reports for you to

Hardening the Linux server - Part 3

<< Part 2                                                                                                      Part 4 >> Hardening the Linux server - Part 3 Write firewall rules You can deny access to your server through your firewall. Ubuntu Server uses a firewall called Uncomplicated FireWall (UFW), which is actually a management tool for iptables. Iptables filters network packets based on a series of rules written by the system administrator. Iptables can be complicated for beginners, so UFW simplifies it. Using UFW can help you harden your server; but if you're truly interested in server security, learning how to write rules for iptables will let you fine-tune a server's security. To get started with UFW, you need to install it. Follow these steps: From the command line, type sudo aptitude install ufw Press  Enter  and enter your password. Press  Enter  again to install the package. To enable the firewall, type the following: sudo ufw e

Hardening the Linux server - Part 2

<< Part 1                                                                                                       Part 3 >> Hardening the Linux server - Part 2 Plan the server installation The first step in hardening a GNU/Linux server is determining the server's function. What you use your server for determines what services need to be installed on the server. For example, if the server in question is used as a Web server, you should install LAMP services. On the other hand, if the server is used for directory services, Linux Apache MySQL PHP/Perl/Python (LAMP) has no business being installed on this machine. The only applications and services that should be permitted to run on your server are those that are required for the task the server is meant to perform. Nothing extra should be installed, for two reasons: Installing extra software or running extra services means there is one more door you have to lock. For example, If you're running Lightweig

Installing RHEL EPEL Repo on Centos 5.x or 6.x

How to install RHEL EPEL repository on Centos 5.x or 6.x   The following article will article CentOS 5.x-based or Centos 6.x-based  system using Fedora Epel repos, and the third party   remi   package repos. These package repositories are not officially supported by CentOS, but they provide much more current versions of popular applications like PHP or MYSQL. Install the extra repositories The first step requires downloading some RPM files that contain the additional YUM repository definitions. Centos 5.x wget http://dl.fedoraproject.org/pub/epel/5/i386/epel-release-5-4.noarch.rpm wget http://rpms.famillecollet.com/enterprise/remi-release-5.rpm sudo rpm -Uvh remi-release-5*.rpm epel-release-5*.rpm  Centos 6.x wget http://dl.fedoraproject.org/pub/epel/6/x86_64/epel-release-6-8.noarch.rpm wget http://rpms.famillecollet.com/enterprise/remi-release-6.rpm sudo rpm -Uvh remi-release-6*.rpm epel-release-6*.rpm Once installed you should see some additi

Hardening the Linux server - Part 1

Part 2 >> Hardening the Linux server - Part 1 An introduction to GNU/Linux server security Summary:   Servers—whether used for testing or production—are primary targets for attackers. By taking the proper steps, you can turn a vulnerable box into a hardened server and help thwart outside attackers. Learn how to secure SSH sessions, configure firewall rules, and set up intrusion detection to alert you to any possible attacks on your GNU/Linux® server. Once you've gained a solid foundation in the basics of securing your server, you can build on this knowledge to further harden your systems. Objectives In this tutorial, you learn about basic concepts in security administration, including how to secure Secure Shell (SSH) remote logins, create firewall rules, and watch logs for possible attacks. System requirements To run the examples in this tutorial, you need to install Ubuntu Server Edition on a computer or a virtual machine, such as Sun

Linux Flushing File System Caches

We may drop the file system caches on Linux to free up memory for applications. Kernels 2.6.16 and newer provide a mechanism via the /proc/ to make the kernel drop the page cache and/or inode and dentry caches on command. We can use this mechanism to free up the memory. However, this is a non-destructive operation that only free things that are completely unused and dirty objects will not be freed until written out to disk. Hence, we should flush these dirty objects to disk first. We can run “sync” to flush them out to disk. And the drop operations by the kernel will free more memory. We can flush caches of the file systems by two steps: Flush file system buffers Call the sync command: # sync   Free pagecache, dentries and inodes To use /proc/sys/vm/drop_caches, just echo a number to it. To free pagecache: # echo 1 > /proc/sys/vm/drop_caches To free dentries and inodes: # echo 2 > /proc/sys/vm/drop_caches To free pagecache, dentries and inodes:

The Linux boot process

Summary:   The process of booting a Linux® system consists of a number of stages. But whether you're booting a standard x86 desktop or a deeply embedded PowerPC® target, much of the flow is surprisingly similar. This article explores the Linux boot process from the initial bootstrap to the start of the first user-space application. Along the way, you'll learn about various other boot-related topics such as the boot loaders, kernel decompression, the initial RAM disk, and other elements of Linux boot. In the early days, bootstrapping a computer meant feeding a paper tape containing a boot program or manually loading a boot program using the front panel address/data/control switches. Today's computers are equipped with facilities to simplify the boot process, but that doesn't necessarily make it simple. Let's start with a high-level view of Linux boot so you can see the entire landscape. Then we'll review what's going on at each of the individ