ZINIO logo
Linux & Open Source Annual

Linux & Open Source Annual

Volume 3
Aggiungi ai preferiti

We have crammed as much as possible from the last year into this annual, from the most exciting tutorials to improve your systems and solve issues to programming with Python. This is a treasure trove of Linux and open source knowledge, from building your own Linux PC and virtualising your system to terminal tricks for supercharging your system. Featuring: Build your own Linux PC - Tailor a PC to your exact requirements. Ultimate rescue kit - 10 ways to fix you PC with our ultimate rescue kit. Enhance your system - Get more out of your Linux system with these improvements. Harness FOSS - Make the most of open source software and distros.

Leggi di più
United Kingdom
Future Publishing Ltd
10,19 €(VAT inclusa)

in questo numero

1 minuti
welcome to linux & open source annual

Free and Open Source Software (FOSS) has become an international phenomenon in recent years. The FOSS philosophy of protecting user freedoms is key to the pioneering movement that is always changing and evolving. By constantly updating and improving, it pushes the boundaries of what can be achieved with software. Whether this takes the form of updates to the many operating systems out there, awesome hacks that make life or computing easier than ever, or exciting hardware like the MintBox, there’s always something ground-breaking on the horizon. We have crammed as much of the year’s exciting new information as we possibly can into this annual, from news about the world of open source, reviews of the latest distros and open source software, to the many practical tutorials that can help you…

17 minuti
capture intruders

Ethical hacking This guide must be deployed for investigation or to protect an organisation only Organisations are always innovating to maintain a proactive defence against internet threats. To achieve this they create real structures for potential attackers in the hope of fooling them into thinking that their attack is being carried out against a real infrastructure. In this feature we look at honeypots, which are either software or a set of assets that tries to ‘seduce’ attackers by pretending to be a vulnerable system and once attackers are lured in, the honeypot studies the attack behaviour to learn the latest techniques that need to be countered. Honeypots date back to the 1960s but gained prominence when Clifford Stoll, who managed computers at Lawrence Berkeley National Laboratory in California in the mid-1980s, published…

1 minuti
at a glance

• Set up a honeypot, p10 Learn how to set up a medium-interaction SSH honeypot, which logs the entire shell interaction and brute-force attacks. What we used: Kippo (https://github.com/desaster/kippo) and its fork called Cowrie. Kippo and Cowrie (www.micheloosterhof.com/cowrie) are easy to install and they are the most popular over the internet honeypots. • Processing the data, p12 Discover how to shape the attack and attacker profile by analysing the data within the kippo.log file and folders such as log and tty. What we used: Python script playlog.py to display a real-time recorded attacker shell interaction. • Visualise the data, p14 How to graphically see all the information collected by Kippo and Cowrie in a web browser. What we used: Kippo-Graph (http://bruteforcelab.com/kippo-graph) a script to visualise statistics and any other data from a Kippo or Cowrie honeypot. • Question: are…

1 minuti
customise kippo

The primary configuration file where we can enter values for all the directives and customise Kippo is called kippo.cfg.dist (kippo.cfg). This includes, listening ports for incoming SSH connections and the location for files uploaded by an attacker: • ssh_addr: Shows the network interface where Kippo will be listening for all the requests. • ssh_port: Kippo’s listening port. The preference would be to set this to port 22, although you should run Kippo as root or sudoer. • hostname: Shows the computer’s name the attacker will see once they gain access. Try using appealing names such as PayrollPC. • log_path: The path where the log file will be stored for recording all actions and events taking place on the computer. This info will be stored in the kippo.log file; a folder called tty will store…

1 minuti
honeypots: what are the ethical and legal issues?

There is some controversy around the ethics and legal implications of using honeypots. Some experts believe honeypots don’t help security, since they can help attackers practise and learn new techniques and generally hone their skills for attacking any site. Some even consider honeypots as illegal, if the honeypot infrastructure is built intentionally as an ‘entrapment’ to catch attackers. This concern involves some issues related to privacy, because somebody accessing your honeypot could have legal rights (depending on the country where you place the honeypot) and this can limit the information that you can harvest from the attackers. It’s important to distinguish between two types of information when collecting data: content and transaction. The content data is the most important because it involves personal information such as emails, chats and even keystrokes…

1 minuti
download, install and set up kippo-graph

01 Get the prerequisites Kippo-Graph is accessed from the web browser, so you need to install an Apache server (sudo apt -get update followed up by sudo apt -get install apache2) and some PHP extra packages for it work properly: 02 Install Kippo-Graph (GitHub) The quickest way to get up and running with Kippo-Graph is by cloning the GitHub repository. Install Git with: …if you don’t have it already, followed by: 03 Install Kippo-Graph (manually) Another way to install Kippo-Graph is to download the latest version with: 04 Preparing Kippo-Graph Copy the folder cloned or copied in Step 2 or 3 to /var/www/html, then change to that folder with cd /var/html/kippograph- 1.5.1/. Next, set up full read, write and execute permissions to the generatedgraphs folder with sudo chmod 777 generated-graphs. Finally, config.php.dist must be copied to config.php before…