linux poison RSS
linux poison Email

Personal Full Text Search UI Application - Recoll

Recoll is a full text search application. Full text search applications let you find your data by content rather than by external attributes (like a file name). More specifically, they will let you specify words (terms) that should or should not appear in the text you are looking for, and return a list of matching documents, ordered so that the most relevant documents will appear first.

You do not need to remember in what file or email message you stored a given piece of information. You just ask for related terms, and Recoll will return a list of documents where those terms are prominent, in a similar way to Internet search engines.

Recoll uses the Xapian information retrieval library as its storage and retrieval engine. Xapian is a very mature package using a sophisticated probabilistic ranking model. Recoll provides the mechanisms and interface to get data into and out of the system.

Read more

Control your Android Device from a Web Browser Over-The-Air - Airdroid

AirDroid is a fast, free app that lets you wirelessly manage & control your Android devices (phone & tablet) from a web browser.

It’s designed with the vision to bridge the gap between your Android device and web browser, on desktop computers or tablet devices, on Windows or Mac.

AirDroid Features:
Files: Transfer files between Android devices and computers. Cut, copy, paste, search, rename or delete files on the SD card. 
SMS: Read, send, forward or delete SMS messages. 
Applications: Install, uninstall, backup, search apps and do batch processing. 
Photos: Preview, delete, import, export, set as wallpaper and photos slide show from desktop. 
Clipboard: Share clipboard text between desktop and device. 
Contacts: Group, search, create contacts, check and delete call logs. 
Ringtones: Search, preview, import, export, delete and customize ringtones for phone calls, notifications and alarms. 
Music: Play, search, import, export, delete, or set as phone call, notification and alarm ringtones.

Read more

Install or Upgrade to Firefox 9 in Ubuntu

Firefox 9 was released on December 20, 2011; version 9.0.1 was released a day later and is currently the latest stable version in the "Release" channel.

The latest version of Firefox has the following changes:
 * Added Type Inference, significantly improving JavaScript performance
 * Improved theme integration for Mac OS X Lion
 * Added two finger swipe navigation for Mac OS X Lion
 * Added support for querying Do Not Track status via JavaScript
 * Added support for font-stretch
 * Improved support for text-overflow
 * Improved standards support for HTML5, MathML, and CSS
 * Fixed several stability issues
 * Fixed several security issues

Read more

Listen Music from Cloud Music Services using Nuvola Player

Nuvola Player runs web interface of cloud music service in its own window and provides integration with a Linux desktop (system tray, Ubuntu sound menu, dock menu and notifications).

Nuvola Player currently supported services are
 * Google Music
 * Grooveshark
 * Hype Machine
 * 8tracks.

Nuvola Player Features:
 * With Nuvola Player you will never accidentaly close web browser with playing music and window with your music is easily accesible from your dock/task bar instead of tab bar of your web browser.
  * Nuvola Player shows notifications with currently playing song (Ubuntu, GNOME Fallback mode, GNOME Shell).
* Nuvola Player adds extra menu items to control playback (play/pause, previous/next song) or exit application.

Read more

MySQL Password Recovery and Auditing Software - MysqlPasswordAuditor

MysqlPasswordAuditor is the FREE MySQL password recovery and auditing software (for windows based systems). MySQL is one of the popular and powerful database software used by most of the web based and server side applications.

If you have ever lost or forgotten your MySQL database password then MysqlPasswordAuditor can help in recovering it easily. It can also help you to audit Mysql database server setup in an corporate environment by discovering the weak password configurations. This makes it one of the must have tool for IT administrators & Penetration Testers.

MysqlPasswordAuditor is very easy to use with the simple dictionary based password recovery method. By default it includes small password list file, however you can find more password dictionary files at OpenWall collection. You can also use tools like Crunch, Cupp to generate custom password list files on your own and then use it with MysqlPasswordAuditor.

Read more

Happy Merry Christmas To All Our Readers From Linuxpoison

Linuxpoison Author would like to wish all of you a very Merry Christmas. Thank you for reading this blog and we hope you enjoyed the posts this year.

Stay tune, we will be posting the top 10 post of year 2011.

Read more

Convert and Resize an Unlimited Number of Images - Converseen

Converseen is an open source project written in C++ with the powerful Qt4 libraries. Thanks to the Magick++ image libraries it supports more than 100 image formats. Converseen can convert and resize an unlimited number of images to any of the most popular formats: DPX, EXR, GIF, JPEG, JPEG-2000, PDF, PhotoCD, PNG, Postscript, SVG, and TIFF.

With Converseen you can save your time because it allows you to process more than one image with one mouse click!

Converseen is very simple: it features a very simple user interface without strange options.

With converseen you can:
 * Carry out a single or a multiple conversion.
 * Resize one or multiple images.
 * Compress images for your web pages.

Read more

Flash Video (flv) Metadata / Cue Point Injector and Cutting Tool - Flvtool2

FLVTool2 calculates various meta data and inserts a onMetaData tag in the video. It cuts FLV files and adds cue Points (onCuePoint). A debug command shows the inside of a FLV file and the print command gives meta data information in XML or YAML format.

What is CuePoint:
A cue point is a point at which the video player dispatches a cuePoint event while a video file plays. You can add cue points to an FLV file at times that you want an action to occur for another element on the web page. Cue points allow you to receive control in your ActionScript code to synchronize points in your FLV file with other actions on the web page. 

FLVTool2 Features
 * Batch processing
 * Directory recursion
 * Command chaining
 * FLV files cutting
 * onCuePoint tag insertation via XML file
 * Custom onMetaData key-value pairs
 * Meta data printout in XML or YAML
 * Simulation mode
 * Runs on Windows, Linux and Mac OSX
 * Ideal for serverside automatic meta data injection

Read more

Metadata Injector for FLV Video Files - Flvmeta

The information that composes an FLV file is the data, and the metadata is information about that video. The length of the video (duration), the number of frames per second that the video displays (frame rate), and the number of kilobytes of data transferred per second when the video plays (video and audio data rates, where applicable) are all examples of video metadata. Additionally, the codec used to encode the video is also available.

Importance of FLV Metadata
Most FLV players read the metadata first to know the duration of the video file. After that it initializes or synchronizes the video file with its timeline or seekbar. If there is no metadata the seekbar will not progress with the video. Secondly, for more intelligent FLV players that serve the video or rather buffer the video dynamically, depending on the user’s internet speed, the FLV players read the FLV video bitrate from the FLV metadata and then sets the buffer accordingly.

Read more

Shares Files Using HTTP Protocol - Qweborf

Transferring files from one computer to another on a network isn't always a straightforward task. Equipping networks with a file server or FTP server or common web server is one way to simplify the process of exchanging files, but if you need a simpler yet efficient method, try Qweborf, Qweborf is a small GUI based application that facilitates transfer of files across networks and only requires the recipient of the files have a Web browser.

Qweborf  provides  an  easy to use interface to share local files using the HTTP protocol weborf as web-server.  It can enable writing on  the  server,  webdav  and authentication.

Qweborf Installation:
Open the terminal and type following command to install Qweborf:
sudo apt-get install qweborf
Read more

Multiple GNOME Terminals in one Window - Terminator

Terminator, multiple terminals in one window. The goal of this project is to produce a useful tool for arranging terminals. It is inspired by programs such as gnome-multi-term, quadkonsole, etc. in that the main focus is arranging terminals in grids (tabs is the most common default method, which Terminator also supports).

Terminator gives the possibility of having multiples terminal within the same window. As such, it makes it easier to handle multiple terminal sessions as for instance, working in one console and monitoring another one without constantly switching from a window to another.

Terminator Features:
 * Arrange terminals in a grid
 * Tabs
 * Drag and drop re-ordering of terminals
 * Lots of keyboard shortcuts
 * Save multiple layouts and profiles via GUI preferences editor
 * Simultaneous typing to arbitrary groups of terminals

Read more

Secure Proxy to Surf the Web Anonymously on Linux - Anon-Proxy

Anon-Proxy contains the JAP client which acts as a local proxy between your browser and the insecure Internet. All requests for web pages are handled by JAP and are encrypted several times. The encrypted messages are sent through a chain of intermediate servers (named Mixes) to the final destination on the Internet.

Multiple layers of encryption protect all messages. A Mix collects messages in a batch, totally changes their appearance (removes one layer of encryption) and forwards them all at the same time, but in a different order. An adversary may observe all communication links, however he cannot determine a relation between incoming and outgoing packets. A surfer remains anonymous within the group of all users of the service.

Demonstrably, the Anon-Proxy protects your privacy as long as the Mix works correctly. Each message passes through several Mixes and the entire chain of Mixes has to be corrupt to successfully observe the user's activities. The chaining effectively prevents single Mixes from observing. This is the meaning of strong anonymity: Even the anonymity service itself cannot spy on its users.

Read more

Block Brute-Force Attempts on Ubuntu Linux - Fail2Ban

Fail2ban operates by blocking selected IP addresses that may belong to hosts that are trying to breach the system's security. It determines the hosts to be blocked by monitoring log files (e.g. /var/log/pwdfail, /var/log/auth.log, etc.) and bans any host IP that makes too many login attempts or performs any other unwanted action within a time frame defined by the administrator.

Fail2ban is typically set up to unban a blocked host within a certain period, so as to not "lock out" any genuine connections that may have been temporarily misconfigured. However, an unban time of several minutes is usually enough to stop a network connection being flooded by malicious connections, as well as reducing the likelihood of a successful dictionary attack.

Fail2ban can perform multiple actions whenever an abusive IP is detected: update Netfilter/iptables firewall rules, or alternatively TCP Wrapper's hosts.deny table, to reject an abuser's IP address; email notifications; or any user-defined action that can be carried out by a Python script. The standard configuration ships with filters for Apache, Lighttpd, sshd, vsftpd, qmail, Postfix and Courier Mail Server.

Read more

Hardening Ubuntu Linux using Bastille Linux

The Bastille Hardening program "locks down" an operating system, proactively configuring the system for increased security and decreasing its susceptibility to compromise. Bastille can also assess a system's current state of hardening, granular reporting on each of the security settings with which it works.

Bastille currently supports the Red Hat (Fedora Core, Enterprise, and Numbered/Classic), SUSE, Debian, Gentoo, and Mandrake distributions, along with HP-UX. Bastille's focuses on letting the system's user/administrator choose exactly how to harden the operating system. In its default hardening mode, it interactively asks the user questions, explains the topics of those questions, and builds a policy based on the user's answers. It then applies the policy to the system. In its assessment mode, it builds a report intended to teach the user about available security settings as well as inform the user as to which settings have been tightened.

Read more

How to Change the Network MAC Address on Ubuntu Linux - macchanger

A Media Access Control address (MAC address) is a unique identifier assigned to network interfaces for communications on the physical network segment. MAC addresses are used for numerous network technologies. Logically, MAC addresses are used in the Media Access Control protocol sub-layer of the OSI reference model.

MAC addresses are most often assigned by the manufacturer of a network interface card (NIC) and are stored in its hardware, the card's read-only memory, or some other firmware mechanism. If assigned by the manufacturer, a MAC address usually encodes the manufacturer's registered identification number and may be referred to as the burned-in address. It may also be known as an Ethernet hardware address (EHA), hardware address or physical address. A network node may have multiple NICs and will then have one unique MAC address per NIC.

MACChanger is a GNU/Linux utility for viewing/manipulating the MAC addresses of network interfaces. It can set specific, random, vendor-based (with a 6600+ vendor list), and device-type-based MACs.

Read more

A Fast Web Server Log Analyzer - Visitors

Visitors is a very fast web log analyzer for Linux, Windows, and other Unix-like operating systems. It takes as input a web server log file, and outputs statistics in form of different reports. The design principles are very different compared to other software of the same type:

* Designed to be executed by the command line, output html and text reports. The text report can be used in pipe to less to check web stats from ssh.
 * Support for real time statistics with the Visitors Stream Mode.
 * To specify the log format is not needed at all. Works out of box with apache and most other web servers with a standard log format.
 * It's a portable C program, can be compiled on many different systems.
 * The produced html report doesn't contain images or external CSS, is self-contained, you can send it by email to users.
 * Visitors is free software (and of course, freeware), under the terms of the GPL license.

Visitors Reports information
Visitors reports contain a number of useful information and statistics:
 * Requested pages.
 * Requested images.
 * Referrers by hits and age.
 * Unique visitors in each day.
 * Page views per visit.
 * Pages accessed by the Google crawler (and the date of google's last access on every page).
 * Percentage of visits originated from Google searches for every day.
 * User's navigation patterns (web trails).
 * Key phrases used in Google searches.
 * User agents.
 * Weekdays and Hours distributions of accesses.
 * Weekdays/Hours combined bidimentional map.
 * Month/Year combined bidimentional map.
 * Visual path analysis with Graphviz.
 * Operating systems, browsers and domains popularity.
 * 404 errors.

Read more

Automatic SQL Injection Exploitation Tool - TheMole

Author is not responsible for any damage or illegal actions caused by the use of this program.
Use on your own risk!

SQL injection is yet another common vulnerability that is the result of lax input validation. Unlike cross-site scripting vulnerabilities that are ultimately directed at your site’s visitors, SQL injection is an attack on the site itself—in particular its database. The goal of SQL injection is to insert arbitrary data, most often a database query, into a string that’s eventually executed by the database. The insidious query may attempt any number of actions, from retrieving alternate data, to modifying or removing information from the database.

TheMole is an automatic SQL Injection exploitation tool. Only by providing a vulnerable URL and a valid string on the site it can detect the injection and exploit it, either by using the union technique or a boolean query based technique.

TheMole Features
 * Support for injections using Mysql, SQL Server, Postgres and Oracle databases.
 * Command line interface. Different commands trigger different actions.
 * Auto-completion for commands, command arguments and database, table and columns names.
 * Support for query filters, in order to bypass certain IPS/IDS rules using generic filters, and the  possibility of creating new ones easily.
 * Developed in python 3.

Read more

Basic Ubuntu System Security Checks - CheckSecurity

The  checksecurity  command  runs  a  small collection of simple system checks which are designed  to  catch  a  few  common  security  issues.
The  checksecurity  command scans the mounted files systems (subject to the filter defined in /etc/checksecurity.conf) and compares the list of setuid  programs  to  the list created on the previous run. Any changes are printed to standard output. Also, it generates a list  of  nfs  and afs  filesystems that are mounted insecurely (i.e. they are missing the nodev and either the noexec or nosuid flags).

checksecurity is run by cron on a daily basis, and the output stored in /var/log/setuid/setuid.changes.

Checksecurity Installation:
Under Ubuntu Linux, open the terminal and type following command to install checksecurity:
sudo apt-get install checksecurity

Read more

GUI Tool to build Firewall on Ubuntu Linux - Firestarter

Firestarter is a firewall tool for Linux, and uses GNOME. You can use the wizard to create a basic firewall, then streamline it further using the dynamic rules. You can open and close ports with a few clicks, or stealth your services giving access only to a select few. It features a real-time hit monitor which you can watch as attackers probe your machine for open ports.

Firestarter itself is not a firewall, rather, it is a frontend for configuring iptables, which is the firewall system built into the Linux kernel.

Firestarter features
    Open Source software, available free of charge
    User friendly, easy to use, graphical interface
    A wizard walks you through setting up your firewall on your first time
    Suitable for use on desktops, servers and gateways
    Real-time firewall event monitor shows intrusion attempts as they happen
    Enables Internet connection sharing, optionally with DHCP service for the clients
    Allows you to define both inbound and outbound access policy
    Open or stealth ports, shaping your firewalling with just a few mouse clicks
    Enable port forwarding for your local network in just seconds
    Option to whitelist or blacklist traffic
    Real time firewall events view
    View active network connections, including any traffic routed through the firewall
    Support for tuning ICMP parameters to stop Denial of Service (DoS) attacks
    Support for tuning ToS parameters to improve services for connected client computers
    Ability to hook up user defined scripts or rulesets before or after firewall activation
    Supports Linux Kernels 2.4 and 2.6

Read more

Utilities to benchmark UNIX systems - Lmbench

Lmbench is a suite of simple, portable, ANSI/C microbenchmarks for UNIX/POSIX. In general, it measures two key features: latency and bandwidth. lmbench is intended to give system developers insight into basic costs of key operations.

There are two attributes that are critical for performance - latency and bandwidth,  and  lmbench  timing harness makes it easy to measure and report results for both.  Latency is usually important  for  frequently executed  operations,  and  bandwidth  is usually important when moving large chunks of data.

Bandwidth benchmarks
 * Cached file read
 * Memory copy (bcopy)
 * Memory read
 * Memory write
 * Pipe
 * TCP

Latency benchmarks
 * Context switching.
 * Networking: connection establishment, pipe, TCP, UDP, and RPC hot potato
 * File system creates and deletes.
 * Process creation.
 * Signal handling
 * System call overhead
 * Memory read latency

Read more

Clone an Ubuntu Installation to Another Computer

dpkg is a tool to install, build, remove and manage Debian packages. dpkg itself is controlled entirely via command line parameters, which consist of exactly one action and zero or more options. The action parameter tells dpkg what to do and options control the behavior of the action in some way.

dpkg –get-selections:
First get list of package selections, and write it to a file.  Without a pattern,  non-installed  packages (i.e. those which have been previously purged) will not be shown in the file.
Use following command:
dpkg --get-selections | tee package_names

Read more
Related Posts with Thumbnails