linux poison RSS
linux poison Email

Mac4lin - Give that Mac OS X look to Linux

Mac4Lin is best Mac like User Interface for Gnome and Xfce desktops like Ubuntu/Xubuntu, Fedora, Debian and others, that will take care of absolutely everything (from icons, themes to usplash – loading window at start) to look just like Mac. With this package comes: dock, the GTK theme, Emerald theme (3d window borders), new icons, new wallpapers, taskbar image, GDM themes, cursors, themes for Pidgin, Firefox, music players and system sounds and you will be amazed of flexibility and customization of Linux system.

    * Fully supports GNOME 2.26 and backwards compatible
    * Improved support for GlobalMenu, support integrated in the default GTK theme
    * Better native Xfce support
    * Icon additions
    * Statusbar is now fixed
    * New progress bars
    * New tabs
    * Improved installation and uninstallation scripts
    * Integrates well with Globus
    * Finer UI refinements
    * Metacity theme now supports different button sizes
    * Firefox 3 themes are now updated
    * Songbird plugins included
    * Pidgin AWN 64bit plugin now included
    * Fonts are now consolidated
    * Transparent top panel
    * GDM theme is now in-line with Mac OS X login window
    * Cairo dock is the default recommended dock
* Usplash is still buggy
* Thunderbird theme is still buggy
* GDM theme is not automatically set by the script


Download Mac4Lin file and extract the archive. Run the Mac4Lin installation script (./ as a normal user to install Mac4Lin. 
If you'd like to manually install or apply some tweaks, check out the Mac4Lin documentation for advanced installation instructions.
Also, download entire sets of Mac Leopard Wallpapers
Read more

Complete and Reliable Password Manager for OpenSuSe - KeepassX

KeePassX is a password manager or safe which helps you to manage your passwords in a secure way. You can put all your passwords in one database, which is locked with one master key or a key-disk.

This means that you only have to remember one single master password or insert the key-disk to unlock the whole database. The complete database is always encrypted either with AES (alias Rijndael) or Twofish encryption algorithm using a 256 bit key. Therefore the saved information can be considered as quite safe.

KeePassX offers a little utility for secure password generation. The password generator is very customizable, fast and easy to use. Especially someone who generates passwords frequently will appreciate this feature.

Installation of  KeePassX: use "1-click" installer to install KeePassX
OpenSuSe 11.1 - install KeePassX 
OpenSuSe 11.0 - install KeePassX

After successful installation go to command prompt and type command: keepassx to start the application, now go to File menu and create a new database to store the information, here you also have to provide your master key to open/lock this database so DO NOT FORGET THIS PASSWORD.

After creating the secure database click on "Add new entry" to enter and save your password and you should see something like shown below ... here you can also tell KeePassX to generate the secure password.

Save the changes to return back to the main screen and whenever you need to provide the username and password you can use the feature of "copy password to clipboard" or "copy username to clipboard" of KeePassX.

I hope this tutorial has been useful for you too! If you've enjoyed this post, please consider subscribing to Linuxpoison for future updates and more.
Read more

Hiding secret data into image and audio files (OpenSuSe)

Steghide is a steganography program that is able to hide data in various kinds of image and audio files. The color-frequencies (for image files) or sample-frequencies (for audio files) are not changed, thus making the embedding resistant against first-order statistical tests.

Features include:
    * Compression of embedded data
    * Encryption of embedded data
    * Embedding of a checksum to verify the integrity of the extraced data
    * Support for JPEG, BMP, WAV and AU files

You should have the following packages (libraries) installed to use steghide. (you can get all these lib from Mhash, MCrypt, libjpeg, zlib

Download the rpm file for Steghide
Install this rpm file using command: # rpm -ivh steghide-0.5.1-1.i386.rpm

The basic usage is as follows: Go to command prompt and use following commands
$ steghide embed -cf image.jpeg -ef file.txt
Enter passphrase:
Re-Enter passphrase:
embedding "file.txt" in "image.jpeg"... done
This command will embed the file file.txt in the cover file image.jpeg.

After you have embedded your secret data as shown above you can send the file image.jpeg to the person who should receive the secret message. The receiver has to use steghide in the following way:
$ teghide extract -sf image.jpeg
Enter passphrase:
the file "file.txt" does already exist. overwrite ? (y/n) y
wrote extracted data to "file.txt".
If the supplied passphrase is correct, the contents of the original file file.txt will be extracted from the stego file image.jpeg and saved in the current directory.

If you have received a file that contains embedded data and you want to get some information about it before extracting it, use the info command:

$ steghide info image.jpeg
  format: jpeg
  capacity: 9.9 KB
Try to get information about embedded data ? (y/n) y
Enter passphrase:
  embedded file "file.txt":
    size: 129.0 Byte
    encrypted: rijndael-128, cbc
    compressed: yes

Read more

Archiving, Encryption and File split tool - PeaZip

PeaZip is a cross-platform portable file archiver, released under LGPL.

PeaZip supports many different archive and compression formats including: 7z, 7z-sfx, ARC/WRC, BZ2, GZ, LPAQ, PAQ, PEA, QUAD, split, TAR, UPX, ZIP; Read: 7Z, ARC/WRC, ACE, ARJ, BZ2/TBZ2, CAB, CHM, CPIO, DEB, GZ/TGZ, ISO, JAR/EAR/WAR, LZH, NSIS, OOo, PAK/PK3/PK4, PAQ, PEA, PET/PUP, QUAD, RAR, RPM, SLP, split, TAR, U3P, WIM, XPI, Z/TZ, and ZIP/SMZIP.

PeaZip is developed in FreePascal using the Lazarus development environment.
PeaZip can be easily integrated with GNOME and KDE.

Features include:
    * Volume spanning
    * Compression
    * Authenticiated encrpytion
          o 7Z, with AES256 encryption
          o ARC, with AES256, Blowfish, Twofish256 and Serpent256 encryption
          o PEA, with AES256 authenticated encryption (EAX mode)
          o ZIP with WinZip's AE encryption based on AES256
          o ARC format protects archives against corruption employing recovery records
    * Edit, save and restore archive layouts
    * Apply multiple filters to archive contents
    * Handle multiple archives simultaneously
    * Split/join files
    * Wipe files (secure deletion
    * Compare, checksum and has files
    * System benchmark
    * Generate random passwords and key files

Installation of PeaZip:
PeaZip for openSUSE (PackMan)
PeaZip for Mandriva (MIB Mandriva Italia Backports)
Ubuntu/Debian (DEB)
Fedora (rpm)

After successful installation of PeaZip go to console and type command: peazip to open up the application

Read more

DenyHosts Installation and Configuration on OpenSuSe

DenyHosts is a script intended to be run by Linux system administrators to help thwart SSH server attacks (also known as dictionary based attacks and brute force attacks).

If you've ever looked at your ssh log (/var/log/secure on Redhat, /var/log/messages on OpenSuSe, etc...) you may be alarmed to see how many hackers attempted to gain access to your server. Hopefully, none of them were successful (but then again, how would you know?). Wouldn't it be better to automatically prevent that attacker from continuing to gain entry into your system?

DenyHosts attempts to address the above... and more by by monitoring invalid login attempts in the authentication log and blocking the originating IP addresses, adding entries to /etc/hosts.deny. DenyHosts will also inform Linux administrators about offending hosts, attacked users and suspicious logins.

Features include:
    * Parses authentication log to find all login attempts and filters failed and successful attempts
    * Synchronization mode allows DenyHosts daemons the ability to share data via a centralized server to proactively thwart attacks
    * DenyHosts Can be run from the command line, cron or as a daemon
    * Records all failed login attempts for the user and offending host
    * For each host that exceeds a threshold count, records the evil host
    * Keeps track of each non-existent user when a login attempt failed
    * Keeps track of each existing user (eg. root) when a login attempt failed
    * Keeps track of each offending host
    * Keeps track of suspicious logins (that is, logins that were successful for a host that had many login failures)
    * Keeps track of the file offset, so that you can reparse the same file (/var/log/secure) continuously (until it is rotated).
    * When the log file is rotated, the script will detect it and parse from the beginning
    * Appends /etc/hosts.deny and adds the newly banned hosts
    * Optionally sends an email of newly banned hosts and suspicious logins
    * Keeps a history of all user, host, user/host combo and suspicious logins encountered which includes the data and number of corresponding failed login attempts
    * Maintains failed valid and invalid user login attempts in separate files, such that it is easy to see which valid user is under attack (which would give you the opportunity to remove the account, change the password or change it's default shell to something like /sbin/nologin
    * Upon each run, the script will load the previously saved data and re-use it to append new failures
    * Resolves IP addresses to hostnames, if available
    * /etc/hosts.deny entries can be expired (purge) at a user specified time

Installation: Use "1-click" installer to install DenyHosts
OpenSuSe 11.1 - Install DenyHosts
OpenSuSe 11.0 - Install DenyHosts

Configuration of Denyhosts:
You can find the main configuration: /etc/denyhosts.conf where most of the settings are good for any normal operation of DenyHosts but you can also tweak it more to suite your needs. look into the comments in this file to know more about the configuration details

Few other important setting:
# vi /var/lib/denyhosts/allowed-hosts
# vi /etc/hosts.allow

you'll want to add in these 2 files the IP(s) you will use to connect to your system that's running Denyhosts so that you aren't inadvertently denied access to your own system(s).

Starting the service and marking it to run on each system reboot:
# service denyhosts start; chkconfig --level 2345 denyhosts on
Read more

How to calculates CRC checksum and the byte count for file(s)

cksum prints the CRC checksum for each file along with the number of bytes in the file, and the file name unless no arguments were given.

cksum is typically used to ensure that files transferred by unreliable means have not been corrupted, by comparing the cksum output for the received files with the cksum output for the original files (typically given in the distribution).

The CRC algorithm is specified by the POSIX standard. It is not compatible with the BSD or System V sum algorithms and cksum is more robust.

The only options are --help and --version.
An exit status of zero indicates success, and a nonzero value indicates failure.

Example of using cksum:
Create file with following text:

$ echo "Open source is a development method for software that harnesses the power of distributed peer review and transparency of process." > file.txt

$ cksum file.txt
1121778036 130 file.txt

Here cksum calculate a cyclic redundancy check (CRC) of given file (file.txt). Users can check the integrity of file and see if the file has been modified. use your favorite text editor and remove a "." from the end of the sentence and run cksum again on the same file and observe the difference in the output

$ cksum file.txt
2131559972 129 file.txt
Another Example:
cksum can be also be used for checking the bunch of files, first get the checksum of the entire files withing the directory
$ cksum * > /someother/location/cksum.list
Above command generates checksums' file.
Now after transferring the files, run the cksum command on the same sets of file to get the new chksum figure and finally compare these two values to figure out if the files are been tempered or not.
$ cksum * > /someother/location/cksum.list-2
$ diff cksum.list cksum.list-2

cksum also can be used for fast searching for duplicates.
$ cksum *
Read more

Block ssh brute force attack on OpenSuSe

A brute force attack consists of trying every possible code, combination, or password until you find the right one.

As an example, imagine a system which only allows 4 digit PIN codes. This means that there are a maximum of 10,000 possible PIN combinations.

From the example above, PIN security could be increased by:
    * Increasing the length of the PIN
    * Allowing the PIN to contain characters other than numbers, such as * or #
    * Imposing a 30 second delay between failed authentication attempts
    * Locking the account after 'x' failed authentication attempts

Will try to implement the option #3 & #4 in OpnSuSe using SuSEfirewall
open your favorite editor and edit file: /etc/sysconfig/SuSEfirewall2:

# Add the following rule

# Now Restart firewall:
rcSuSEfirewall2 restart

Now attacker will just have 3 attempts to break in.

I hope this tutorial has been useful for you too! If you've enjoyed this post, please consider subscribing to Linuxpoison for future updates and more.
Read more

Searching files using catfish - OpenSuSe

Catfish is a handy file searching tool for linux and unix.

Basically Catfish is a frontend for different search engines (daemons) which provides a unified interface. The interface is intentionally lightweight and simple, using only GTK+ 2. You can configure it to your needs by using several command line options.

At present Catfish supported backends are find, (s)locate, doodle, tracker, beagle, strigi and pinot.

Installation: OpenSuse user can use "1-click" installer to install Catfish
OpenSuSe 11.1 - here

After successful installation go to terminal and type command: catfish to open up the application

When Catfish opens you will see what should be a very user-friendly interface broken into two panes. The left pane is where you enter all of your search options and the right pane is where your search results will appear.

You may also  notice there are no options for Catfish itself. This makes Catfish focus only on the searching so it is as efficient as possible, just select the type of search engine you want to use, enter the search phase and hit "find" to get your search results.

I hope this tutorial has been useful for you too! If you've enjoyed this post, please consider subscribing to Linuxpoison for future updates and more.
Read more

History of Unix-like operating systems showing Linux's origins

Read more

Kool Ubuntu GDM Themes

Ubuntu Black

Ubuntu Sky

Underground Ubuntu

Ubuntu Wood

Ubuntu Leaf

Ubuntu Blue

Ubuntu Metal

Ubuntu Nuovum

Ubuntu V-TEC

Ubuntu 3D

Ubuntu Rust

Energy Bliss

Ubuntu Professional

Ubuntu NextG

Dark Ubuntu Aurora


I hope this tutorial has been useful for you too! If you've enjoyed this post, please consider subscribing to Linuxpoison for future updates and more.
Read more

KDE desktop Blogging Client - KBlogger

KBlogger is a simple to use blogging application for the K Destkop Environment. KBlogger integrates in KDE Kicker for easy and fast blogging or is available as a standalone application for KDE 4. The Interface is slick and tries to provide all features support on the server side for your convenience. Just configure your blog, load the editor and start writing.

OpenSuse user can use "1-click" installer to install KBlogger
OpenSuSe 11.1 - here

Configuration is done via the applet menu. To enter the configuration menu click on the little arrow left of the applet, then choose Configure KBlogger, the configuration dialog pops up. There you can set all needed options, in case you don't know what an option means, there are some short descriptions:

* API is the type of API you use at your blog, this can be either the Google Blogger API or the MetaWeblog API.
* URL describes the path to the xml-rpc gateway, e.g.
* Blog-id is the id of your blog on the server.
Read more

Twitter client for KDE 4.2 - KDEtwitter

KDEtwitter is a Twitter widget in KDE 4.2 which allows you to quickly:

    * Post messages directly from your desktop, without accessing your Twitter home page
    * Get notified when you receive updates

You don’t have to configure anything other than your account and the password associated with it and you’re ready to tweet.

When you click Add Widgets (on top right corner of your desktop), a window labeled Add Widgets appears. It contains a list of all the plasmoids installed on your system, and each one has a description below its name.

And from this list you can select KDEtwitter and add to your desktop and after configuring the twitter username/password you should see something like ... from where you can receive & send messages.
Read more

Microblogging client for Twitter, Jaiku, Facebook, Flickr, Digg, and RSS - Gwibber

Gwibber is an open source microblogging client for GNOME developed with Python and GTK. It supports Twitter, Jaiku, Facebook,, Digg, Flickr, and RSS.

Gwibber can post and receive messages from multiple social networking services, including Twitter, the open source Twitter variant,,, Digg, Pidgin, Facebook, Flickr,, Jaiku and RSS/Atom feeds.

It comes packaged for a number of distributions, including Ubuntu, openSUSE and Fedora. While Gwibber doesn't yet deliver every last feature that every social network it connects to provides, it's a great way to keep up with reading and posting across networks with relatively little effort.

Jaunty Jackalope (Ubuntu) already got gwibber in the repositories and can be installed with a simple command: $sudo apt-get install gwibber
OpenSuse 11.1 user can use "1-click" installer to install gwibber

After successful installation of gwibber, go to terminal (GNOME) and type command: gwibber to start the application

Gwibber's account set up and management is straightforward. Gwibber comes with a few default themes that feature some individual customization options (different social networks can be assigned different colored banners for their updates), and while additional themes are available, they're not located in one central repository.
Read more

Front-end for the ClamAV antivirus toolkit - klamav/Clamtk

One of the more popular Linux anti-virus tools is ClamAV. But to most users (especially new users) ClamAV is a bit challenging to use. That is where KlamAV comes in. KlamAV does an outstanding job of making ClamAV a user-friendly tool.

Before using klamav you need to have Clamav antivirus installed:
To install ClamAV on your ubuntu, open the terminal and type: sudo apt-get install clamav 

OpenSuse user can use "1-click" installer to install Clamav
OpenSuse 11.1 - here
OpenSuse 11.0 - here

By default, ClamAV does not include any graphical environment and all the operation needs to be done using command line now to make life easy for the user we got two graphical application, Klamav for KDE and Clamtk for Gnome

If you're using KDE environment, type in the terminal:sudo apt-get install klamav
If you're using GNOME environment, type in the terminal: sudo apt-get install clamtk

OpenSuse user can use "1-click" installer to install klamav
OpenSuse 11.1 - here
OpenSuse 11.0 - here

OpenSuse user can use "1-click" installer to install Clamtk
OpenSuse 11.1 - here
OpenSuse 11.0 - here
Read more

How to disable loading of unnecessary kernel modules

What exactly is a kernel module? A Kernel Module is a program that is not actually compiled into the Linux kernel but is loaded separately. Kernel modules enable you to extend the capabilities of the kernel without the need to build extra functionality directly into the kernel image. A good example is the device driver.

There are certain advantages with using kernel modules as opposed to having the drivers compiled into the kernel. They can be unloaded (rmmod) and reloaded (modprobe, insmod) at any time, allowing you to pass different parameters to them rather than specify them once on bootup as kernel parameters or update them without rebooting. The fewer drivers you need, the fewer modules you need to load and the less memory Linux needs to operate. Also, to upgrade a modularized driver you just need to recompile the module, whereas if the driver is part of the kernel then you have to recompile the kernel. For hotpluggable buses like USB, the modules can be loaded on demand rather than all at once.

You can see what modules are already loaded into the kernel by running lsmod, which gets its information by reading the file /proc/modules

Many time it happens that there are lots of module gets loaded into memory and which are not required and hence its better if we disable loading of such module to enhance the performance of the system.

How to disable loading of unnecessary kernel modules
* Open the shell and type command lsmod to see what are the modules that are loaded.

* Check the value in section "used by", if the value is "0" it means that the this kernel module is not been used by any of the application/process and it's unnecessary occupying the space in the memory, the best way to know about such module to use google/bing search engine and if you feel that this module is not required you can simply unload it, for example if you don;t have the floppy drive then why to load floppy module :)

* Ok, so you have figure out what all module you want to blocking loading at the time of booting, go to console and open file /etc/modprobe.d/blacklist and add the kernel module that you want to disable loading, example shown below where I am disabling the loading of floppy & ipv6 kernel module.

blacklist ipv6
blacklist floppy

This tip can also use it to disable ipv6 on linux unless you wanted to just add the line
blacklist ipv6
Read more

Increase the booting speed of Fedora

Initng is a full replacement of the old and in many ways deprecated sysvinit tool. It is designed with speed in mind, doing as much as possible asynchronously. In other words: It will boot your unix-system much faster, and give you more control and statistics over your system.

The basic premise is that startup commands can be launched as soon as their dependencies are met. This limits the effect of bottlenecks like I/O operations; while one program is performing I/O, another can be utilizing the processor. Initng tracks the individual service dependencies in its configuration files.

It is designed to use a minimum of system resources and to boot your system quickly and safely.

Installing initng on a Fedora system
Initng is incorporated into Fedora Extras. Only thing you need to do to install initng is a simple

yum install initng

A new boot entry is automatically added to your grub configuration file, all you'll have to do is reboot and choose the new entry in the grub menu. The old configuration file is backuped as /boot/grub/grub.conf.bak.

The installation also tries to figure out what services/daemons should be enabled by default. Since this process isn't 100% fail proof I recommend you to check the files /etc/initng/default.runlevel and /etc/initng/system.virtual before rebooting.
Read more

How to Edit PDF Files in Linux - PDFEdit

PDF files are often believed to be locked, requiring a tool from Adobe to edit or modify. That said, on Linux you can do almost anything with them using a simple software tool: PDFEdit. A combination of a good graphical interface and the power to edit the raw PDF file, PDFEdit is an open source project that gives you the ability to work with any PDF document you wish.

PDFedit is primary created for simple editing and manipulation of documents in PDF format. There is a graphical and command line interface available.

The software lets you change either raw PDF objects (for advanced users) or use predefined GUI functions. Functions can be easily added as everything is based on a scripts.

Scripting is used to a great extent in the editor and almost anything can be scripted. It is also possible to create your own scripts or plugins to enhance the functionality of the package.

PDFedit is a low-level application for technical users that provides structured access to the internal structure of the PDF file. It may require familiarity with PDF specifications to be able to make substantial modifications.

OpenSuse user can use "1-click" installer to install PDFedit
OpenSuse 11.1 - here
OpenSuse 11.0 - here

If you are using Debian or Ubuntu Linux, enter: $ sudo apt-get install pdfedit

Editing PDF Files with PDFEdit editor
To start PDFEdit, type: $ pdfedit /path/to/pdf.file &

Read more

Multimedia Support in Fedora 11

Why doesn’t Fedora support MP3 ‘out of the box’?
Fedora cannot include support for MP3 or DVD video playback or recording. MP3 formats are patented, and the patent holders have not provided the necessary licenses. Fedora also excludes other multimedia software due to patent, copyright, or license restrictions, such as Adobe Flash Player and RealNetworks RealPlayer.
That doesn’t mean you can’t play .mp3 files in Fedora, it just takes a bit of work (not much).

Follow these instructions to get mp3 and other multimedia support on your Fedora 11.
Open a terminal and become root, then run this command:

rpm -Uvh
rpm -Uvh  

Now, Install all other plug ins..

# yum -y install gstreamer-plugins-bad gstreamer-plugins-ugly xine-lib-extras-nonfree

After successful installation, open Amarok or any other multimedia player and try to play the mp3 file and see if all goes fine and you are able to hear the music.

To install xmms and make it MP3-capable, start by doing this:

# yum install xmms xmms-mp3

MPEG, QuickTime, AVI, and DVDs
MPEG (the format used on DVDs) represents itself as an open standard, but most Linux distributions won't ship software that read it because of blocking patents held by MPEGLA. AVI and Apple QuickTime have proprietary codecs covered by patents, so most Linux distributions won't ship software that decodes them, either.

Unfortunately, the alternate front end xine is even more broken. It can be installed this way:

# yum install xine xine-lib libdvdcss

Doing this will also install a number of support libraries, including the libdvdcss plugin
Read more

How to Cut/Split Video using Avidemux

Avidemux is a graphical tool to edit videos. It can open AVI, openDML, MPEG, Nuppelvideo, and BMPs. Most common codecs are supported (M-JPEG, MPEG, DivX, Xvid, huffyuv, WMA, etc.) thanks to libavcodec and libmpeg2. Video can be edited, cut, appended, filtered (resize/crop/denoise), and re-encoded to either AVI (MPEG4/MJPEG) or MPEG 1/2. The Spidermonkey Javascript engine is used to give powerful scripting capabilities.

OpenSuse user can use "1-click" installer to install Avidemux
OpenSuse 11.1 - here
OpenSuse 11.0 - here
After sucessfull installation, open the application (Start >> Application >> Multimedia)

For Ubuntu user, Avidemux can install easily by opening the console and typing
sudo apt-get install avidemux
Once installed, you will find on the menu Applications / Sound & Video / Avidemux

To split a file or a section of a file do the following.
Open and select the file you want to split (File / Open).

Then, with the bar below, select the point where we want to start our video and clicking on the letter A using icon  A and mark point B  B where you want to end (cut) your video (as shown in the figure below)

Finally from the menu select File / Save / Save Video
Read more

Create Ubuntu packages (deb)

GiftWrap is made for the artist who wants to share their theme, the developer who wants to share their software, or the common user who wants to install from packages and not source code.

It helps you in creating Ubuntu .deb packages by guiding through the process with minimal fuss and maximum automation. GiftWrap also aims to help you in creating high-quality packages by helping you fill in as most of the package meta-information as possible - either by automatically detecting or explaining the options in an easy to understand manner.

 * Creation of basic packages from source archives or folders
 * Creation of debian package rules - so maintainer name, email, description, build-depends, recomments & etc. fields
 * Automatic building of packages - so at the end of the process you get an installable .deb that you can share with others (along with a .changes & .orig.tar.gz file for uploading to a PPA)

Copy/paste the following into the terminal to quickly install:

echo deb `lsb_release -cs` main | sudo tee /etc/apt/sources.list.d/ppa.list
sudo apt-key adv --recv-keys --keyserver 207CAD03
sudo apt-get update && sudo apt-get install giftwrap

Read more

Install MS True Type Fonts in Fedora

Microsoft's True Type fonts can also be used on Linux. Not only can they improve visibility, they are essential for proper look and layout. The installation is very simple…

1) Make sure you have the following rpm-packages installed in your distribution. Any version should do.
ttmkfdir utility
cabextract utility

2) # sudo yum install rpm-build cabextract

3) # wget

4) # rpmbuild -bb msttcorefonts-2.0-1.spec

5) Note the path where the rpm is written and use it in the command below.
# rpm -ivh /usr/src/redhat/RPMS/noarch/msttcorefonts-2.0-1.noarch.rpm

6) Restart the windows manager by pressing Ctrl-Alt-Backspace.

Enjoy your new high quality fonts. To verify that the installation succeeded, please use the command 'xlsfonts | grep ^-microsoft'. You should see a whole lot of microsoft font names there. Please note that you need to restart all programs that you want to make aware of the new fonts.
Read more

Increasing Bugzilla attachment size & saving large attachment on filesystem

By default Bugzilla sets the maximum size of attachments and patches to 1 MB.
In order to increase this you need to make a change to both Bugzilla and MySQL

Change the maxattachmentsize parameters in Bugzilla
In Admin login, go to "Parameters" >>  Attachments >> maxattachmentsize, here you can change the Attachment Size as your wish as shown in the screenshot below

Change the size of allowed allowed packets in MySQL
Go to your the max_allowed_packet setting in your mysql my.cnf file:


Saving attachment to filesystem:
The value of parameter "maxattachmentsize" will allow the user to save the attachment into mysql DB and anything above this value and less than the value specified in parameter "maxlocalattachment", bugzill will save the attachment on the filesystem, so adjust the parameter as per your need.

Now if user want to attach the file having size more than the value specified in "maxattachmentsize" parameter, user need to enable the "BigFile" option while adding the attachment, in this case system will save this file on filesystem under bugzilla installation folder "/data/attachment"

Read more

Squid Error : Name error: the domain name does not exist

Problem (example):
The requested URL could not be retrieved
While trying to retrieve the URL: http://intranet/

The following error was encountered:
    Unable to determine IP address from host name for http://intranet

The dnsserver returned:
    Name Error: The domain name does not exist.

This means that:
The cache was not able to resolve the hostname presented in the URL.
Check if the address is correct.

append_domain : This directive helps Squid turn single-component hostnames into fully qualified domain names. For example, http://www/ becomes This is especially important if you are participating in a cache hierarchy.

Add the following directive into you squid.conf file to solve the above problem

Read more

How to list Open Files and Network Connections

Lsof is a Unix-specific diagnostic tool. Its name stands for LiSt Open Files, and it does just that. It lists information about any files that are open by processes currently running on the system. It can also list communications open by each process.

One evident advantage this capability is security. For example, if a spyware or other malware program was sending information from your computer to the Internet or to a file on your hard disk, it would show up in the output of these commands.

lsof – list open files
This simple command often ran with no arguments, and does just what it says: lists every single open file by every program running at the time. The output of lsof typically looks like this:

In this case the output is too large, so the better way to redirect the output to some file for further analysis, use this command to redirect the output: lsof > output.txt and or filter it using various pipe commands.
Another example, if one wants to see if the special file (application) firefox is open by any processes, we run the following command: lsof | grep /usr/lib/firefox/firefox

list open network sockets (connections)
In addition to listing open files, lsof can list open network sockets (connections) when given the -i switch.

If you observe the output you can see the list of open connections made by different process/application to/from you local box
Read more

Linux Market Share Passes 2% just releasted their April market share stats and linux passed 2.16% for the first time ever.

Read more

Setting the SUID/SGID bits

SetUID bit, the executable which has the SUID set runs with the ownership of the program owner. That is, if you own an executable, and another person issues the executable, then it runs with your permission and not his. The default is that a program runs with the ownership of the person executing the binary.

The SGID bit is the same as of SUID, only the case is that it runs with the permission of the group. Another use is it can be set on folders,making files or folders created inside the SGID set folder to have a common group ownership.

Note : Making SUID and SGID programs completely safe is very difficult (or maybe impossible) thus in case you are a system administrator it is best to consult some professionals before giving access rights to root owned applications by setting the SUID bit. As a home user (where you are both the normal user and the superuser) the SUID bit helps you do a lot of things easily without having to log in as the superuser every now and then

Setting SUID bits on the file:
Suppose I got the executable called "killprocess" and I need to set the suid bit on this file, go to command prompt and issue command: chmod u+s killprocess

Now check permission on the file with command ls -l killprocess, observe "s" that has been added for suid bit

-rwsr-xr-x 1 root root 6 Jun  7 12:16 killprocess

Setting GUID bits on the file:
go to command prompt and issue command: chmod g+s killprocess
This will set the GUID bit on the same file, check the permission on this file using command: ls -l killprocess
-rwsr-sr-x 1 root root 6 Jun  7 12:16 killprocess
Read more

OpenSUSE 11.1: Documentations

openSUSE 11.1 provides all the tools and resources you need for effective home computing and computing on the go. It includes a complete, intuitive Linux desktop with a Web browser, instant messenger, e-mail client, photo catalog, word processor, spreadsheet, graphics tools, multimedia software, games and more. Its office suite is 100-percent compatible with Microsoft Office, and it also features the latest software for home networking, wireless support, Web hosting, virtualization, application security and software development.

Getting Started:
    * openSUSE 11.1 Start-Up
    * KDE Quick Start
    * GNOME Quick Start

User Guides:
    * KDE User Guide
    * GNOME User Guide

    * openSUSE 11.1 Reference Guide
    * Security Guide
    * AppArmor 2.3.1 Quick Start
Read more

Secure alternative to telnet

Telnet is a protocol allowing you to connect to a remote system and run programs and commands on that system. It is very old and still very much in use today.

Unfortunately, Telnet, by default, does not encrypt any data sent over the connection (including passwords), and so it is often practical to eavesdrop on the communications and use the password later for malicious purposes; anybody who has access to a router, switch, hub or gateway located on the network between the two hosts where Telnet is being used can intercept the packets passing by and obtain login and password information (and whatever else is typed) with any of several common utilities like tcpdump and Wireshark.

On the other hand, a program called ssh exists that can replace both telnet and ftp in a secure, encrypted way.

Ssh stands for Secure Shell. It will encrypt each connection with a random key, so that it is impossible or at least very hard for a third party to decrypt the connection and find the password, or spy on you.

Use putty (Here)  if you are on windows or use "ssh" command (example shown below) from Linux/UNIX box to connect to the remote server.

# ssh
The authenticity of host ' (' can't be established.
RSA key fingerprint is 2b:91:9b:c1:a7:57:91:dc:93:b3:04:50:c0:b9:bd:ba.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added '' (RSA) to the list of known hosts.
Read more
Related Posts with Thumbnails