MintUpdate is a simple, solid, easy to use update manager for LinuxMint that can be used for installing security updates and new versions of packages. It is very easy to use and configure. It gives clear listing of importance and description of each update. Kudos to the LinuxMint for making the update process very easy and painless.
Installation
MintUpdate comes preinstalled with LinuxMint systems. Also, there is a PPA, developed by LFFL, available to install MintUpdate in Ubuntu and derivatives.
Enter the following commands one by one to add the PPA and install MintUpdate.
In our previous tutorial, we discussed about Shinken monitoring framework installation on Ubuntu 14.04. Today, we will discuss how to monitor a Linux client with Shinken. For the purpose of this tutorial, we will monitor Ubuntu client. Although the same method will work for the other Linux distributions.
Step 1: Log in to Shinken server
First, log in to Shinken server as root user.
sudo su
And switch to the shinken user using command:
su shinken
Step 2: Search for Linux packs
Shinken uses predefined templates(packs) to monitor Linux, Windows.
We can see the list of available Linux packs using command:
shinken search linux
Sample output:
glances (david-guenault) [pack,system,linux,glances] : Standard check through checkglances.py and glances server
linux-snmp (naparuba) [pack,linux,snmp] : Linux checks based on SNMP
linux-ssh (naparuba) [pack,linux,ssh] : Linux checks based on SSH without any script on distant server
pack-glances (david-guenault) [pack,system,linux,glances] : Standard check through checkglances.py and glances server
raspberrypi (frescha) [pack,linux,raspberrypi,server,os] : Standard checks
varnish-ssh (kokosny) [pack,linux,varnish,ssh] : varnish checks based on ssh
For windows clients, run:
shinken search windows
Sample output:
windows (naparuba) [pack,microsoft,windows,server,os,wmi] : Standard windows checks, like CPU, RAM and disk space. Checks are done by WMI.
We will test ssh pack. So, install it using command:
shinken install ssh
3. Create host file configuration for Client
Create a new file:
nano /etc/shinken/hosts/client.cfg
Add the following contents.
define host{
use linux,ssh
host_name sk
address 192.168.1.200
_SNMPCOMMUNITY P@ssw0rd
Save and close the file.
Here,
use: Client uses the Linux template(linux-snmp);
hostname: Client system name;
address: Client system’s IP address;
SNMPCOMMUNITY: Client system’s password.
Likewise you can edit the localhost.cfg file and add ssh tag on it.
Network bonding is a method of combining (joining) two or more network interfaces together into a single interface. It will increase the network throughput, bandwidth and will give redundancy. If one interface is down or unplugged, the other one will keep the network traffic up and alive. Network bonding can be used in situations wherever you need redundancy, fault tolerance or load balancing networks.
Linux allows us to bond multiple network interfaces into single interface using a special kernel module named bonding. The Linux bonding driver provides a method for combining multiple network interfaces into a single logical “bonded” interface. The behaviour of the bonded interfaces depends upon the mode; generally speaking, modes provide either hot standby or load balancing services. Additionally, link integrity monitoring, may be performed.
Types of Network Bonding
mode=0 (balance-rr)
Round-robin policy: It the default mode. It transmits packets in sequential order from the first available slave through the last. This mode provides load balancing and fault tolerance.
mode=1 (active-backup)
Active-backup policy: In this mode, only one slave in the bond is active. The other one will become active, only when the active slave fails. The bond’s MAC address is externally visible on only one port (network adapter) to avoid confusing the switch. This mode provides fault tolerance.
mode=2 (balance-xor)
XOR policy: Transmit based on [(source MAC address XOR’d with destination MAC address) modulo slave count]. This selects the same slave for each destination MAC address. This mode provides load balancing and fault tolerance.
mode=3 (broadcast)
Broadcast policy: transmits everything on all slave interfaces. This mode provides fault tolerance.
mode=4 (802.3ad)
IEEE 802.3ad Dynamic link aggregation. Creates aggregation groups that share the same speed and duplex settings. Utilizes all slaves in the active aggregator according to the 802.3ad specification.
Prerequisites:
- Ethtool support in the base drivers for retrieving the speed and duplex of each slave.
– A switch that supports IEEE 802.3ad Dynamic link aggregation. Most switches will require some type of configuration to enable 802.3ad mode.
mode=5 (balance-tlb)
Adaptive transmit load balancing: channel bonding that does not require any special switch support. The outgoing traffic is distributed according to the current load (computed relative to the speed) on each slave. Incoming traffic is received by the current slave. If the receiving slave fails, another slave takes over the MAC address of the failed receiving slave.
Prerequisite:
- Ethtool support in the base drivers for retrieving the speed of each slave.
mode=6 (balance-alb)
Adaptive load balancing: includes balance-tlb plus receive load balancing (rlb) for IPV4 traffic, and does not require any special switch support. The receive load balancing is achieved by ARP negotiation. The bonding driver intercepts the ARP Replies sent by the local system on their way out and overwrites the source hardware address with the unique hardware address of one of the slaves in the bond such that different peers use different hardware addresses for the server.
Setting up Network Bonding on Ubuntu 14.10
I tested this how-to on Ubuntu 14.10, and it worked well.
We need atleast two network cards. You are free to use n number of NICs.
I have three network interfaces, namely eth0, eth1 and eth2 in my Ubuntu 14.10 desktop. Let us combine two NICs (eth1 and eth2) and make them into one NIC named bond0.
Install Bonding Kernel Module
The following command should be performed with root user privileges.
sudo su
First, we have to install bonding kernel module using the command:
apt-get install ifenslave-2.6
Now, we have to make sure that the correct kernel module bonding is present, and loaded at boot time.
Edit /etc/modules file,
cat /etc/modules
Add “bonding” at the end.
# /etc/modules: kernel modules to load at boot time.
#
# This file contains the names of kernel modules that should be loaded
# at boot time, one per line. Lines beginning with "#" are ignored.
# Parameters can be specified after the module name.
lp
rtc
bonding
Now, stop networking service.
/etc/init.d/networking stop
Warning: You should not enter the above command over SSH connection.
Then load the bonding kernel module:
sudo modprobe bonding
Configure Bond0 Interface
First, let us create a bond0 configuration file as shown below.
Go to the directory where Debian/Ubuntu stores the network configuration files. By default, Debian and its derivatives stores the network configuration files under /etc/network/ directory.
Create bond0 configuration file under the above mentioned directory.
vi /etc/network/interfaces
Add the following lines marked in red color to create network bond for eth1 and eth2.
# interfaces(5) file used by ifup(8) and ifdown(8)
auto lo
iface lo inet loopback
#eth1 configuration
auto eth1
iface eth1 inet manual
bond-master bond0
bond-primary eth1
#eth2 configuration
auto eth2
iface eth2 inet manual
bond-master bond0
# Bonding eth1 & eth2 to create bond0 NIC
auto bond0
iface bond0 inet static
address 192.168.1.200
gateway 192.168.1.1
netmask 255.255.255.0
bond-mode active-backup
bond-miimon 100
bond-slaves none
Save and close file.
Note: Here we will be configuring active-backup mode. 192.168.1.200 is bond0 IP address.
Next Start/Restart network service to take effect the changes.
/etc/init.d/networking start
Bring up bond0:
ifup bond0
Note: If you have any problems while bringing up bond0, restart and check again.
Test Network Bonding
Now enter the following command to check whether the bonding interface bond0 is up and running:
cat /proc/net/bonding/bond0
Sample output:
Ethernet Channel Bonding Driver: v3.7.1 (April 27, 2011)
Bonding Mode: fault-tolerance (active-backup)
Primary Slave: eth1 (primary_reselect always)
Currently Active Slave: eth1
MII Status: up
MII Polling Interval (ms): 100
Up Delay (ms): 0
Down Delay (ms): 0
Slave Interface: eth1
MII Status: up
Speed: 1000 Mbps
Duplex: full
Link Failure Count: 0
Permanent HW addr: 08:00:27:33:6e:fc
Slave queue ID: 0
Slave Interface: eth2
MII Status: up
Speed: 1000 Mbps
Duplex: full
Link Failure Count: 0
Permanent HW addr: 08:00:27:7c:b8:02
Slave queue ID: 0
As you see in the above output, the bond0 interface is up and running and it is configured as active-backup(mode1) mode. In this mode, only one slave in the bond is active. The other one will become active, only when the active slave fails.
To view the list of network interfaces and their IP address, enter the following command:
cat << EOF > /etc/apt/sources.list.d/openvz-rhel6.list
deb http://download.openvz.org/debian wheezy main
# deb http://download.openvz.org/debian wheezy-test main
EOF
Make sure you have added the following kernel parameters before logging into vz kernel.
vi sysctl.conf
Add the following lines:
# On Hardware Node we generally need
# packet forwarding enabled and proxy arp disabled
net.ipv4.ip_forward = 1
net.ipv6.conf.default.forwarding = 1
net.ipv6.conf.all.forwarding = 1
net.ipv4.conf.default.proxy_arp = 0
# Enables source route verification
net.ipv4.conf.all.rp_filter = 1
# Enables the magic-sysrq key
kernel.sysrq = 1
# We do not want all our interfaces to send redirects
net.ipv4.conf.default.send_redirects = 1
net.ipv4.conf.all.send_redirects = 0
5. Install OpenVz usage statistics tools
The following tools to be installed to gather the OpenVZ usage statistics. Here is the reason why you should install these tools.
apt-get install vzctl vzquota ploop vzstats
That’s it. We have successfully installed OpenVZ.
Now, it’s time to reboot and log in to OpenVZ kernel(it should be the default choice in the boot loader). In Ubuntu 14.04, it should be under Advanced options in the boot loader menu.
We’ll see how to create virtual machines using OpenVZ in our upcoming tutorials.
While creating VMs, make sure you have the same subnet on both physical and virtual machine. If you want to use different subnet, you have to edit /etc/vz/vz.conf file,
Jenkins is an open source continuous integration tool written in Java. The project was forked from Hudson after a dispute with Oracle. Jenkins provides continuous integration services for software development. It is a server-based system running in a servlet container such as Apache Tomcat. It supports SCM tools including AccuRev, CVS, Subversion, Git, Mercurial, Perforce, Clearcase and RTC, and can execute Apache Ant and Apache Maven based projects as well as arbitrary shell scripts and Windows batch commands. The primary developer of Jenkins is Kohsuke Kawaguchi, and it is released under the MIT License.
In this tutorial, let us see how to manage OpenVZ using OpenVZ web panel.
Why OpenVZ Web panel?
Very simple, just to make the OpenVZ management more easier. Working on command line might be tedious to new and intermediate users. Using openVZ Web panel, anyone can easily create, delete, manage VMs via a web browser in minutes without having to know all OpenVZ commands.
Installing OpenVZ Web panel
Well, let us install the Web panel.
Run the following command under root user to install OpenVZ Web Panel:
wget -O - http://ovz-web-panel.googlecode.com/svn/installer/ai.sh | sh
The above command will work on almost all Linux operating systems.
Sample output:
Removing downloaded archive: rm -f /opt/ovz-web-panel//ovz-web-panel-2.4.tgz
Installation finished.
Product was installed into: /opt/ovz-web-panel/
[...]
Starting services...
Starting OpenVZ Web Panel...
Starting watchdog daemon...
[OK] Watchdog daemon was started.
Starting web server webrick on 0.0.0.0:3000...
[OK] Web server was started.
Starting hardware node daemon...
[OK] Hardware node daemon was started.
Syncing hardware nodes states...
[OK] Hardware nodes information was synced.
Adding localhost to the list of controlled servers...
Panel should be available at:
hostname: Unknown host
http://:3000
Default credentials: admin/admin
-----------------------------------
That’s it. OpenVZ Web panel has been installed now.
Adjust IPTABLES for RPM based distributions
If you’re accessing the URL from a remote system, you should allow the web panel default port 3000 through your firewall/router.
To do that edit:
vi /etc/sysconfig/iptables
Add the following line:
-A INPUT -m state --state NEW -m tcp -p tcp --dport 3000 -j ACCEPT
Save and exit. Restart iptables service.
service iptables restart
Accessing OpenVZ Web panel
Open up your web browser and enter the following URL in the address bar.
The Dashboard will have the information about logged user and statistics of panel usage. By default, the physical server is localhost itself. Also, it is possible to many physical servers without having to install Web panel on every physical server.
Changing Default Admin user password
As I mentioned before, the default user name and password to login to Wen panel is admin/admin. It is hightly recommended to change the admin user password to something different and stronger.
To do that, Click on the My Profile on the left pane of the Dash board. Enter the new password twice and click the Save button.
The installed OS templates will be listed here. As you see above I have already installed a CentOS 7 template. To create a new Template, click on the Install New OS Template button.
The list of available OS templates will be shown in the next window. Select the OS template of your choice and click Install button. In my case, I selected Ubuntu 14.04 minimal template.
Enter the Server ID, select the OS template, enter IP address and hostname, enter the root password etc. Also, you can define the disk space size, RAM, Swap, DNS server etc,, in the Additional Settings. I go with default values. Finally, click Create button.
Also, you can change the settings of the Virtual server by clicking on the Change Settings button next to the Remove Virtual Server button. And, you also can start/stop/restart the virtual server using the Change state button next to the Change Settings button..
Creating Server Templates
Server templates are used as a source of quality of service limits during virtual server creation. They could be used to simplify new virtual servers creation for different purposes. You can create, edit and remove templates, but, you can’t remove the default template for the physical server.
Click on the localhost button under the Physical Servers section on the left pane of the Dashboard. Then, click Server Templates on the right side.
As I mentioned before, the localhost itself is the default Physical server. You can add more physical server if you want. You don’t have to install OpenVZ web panel on extra physical servers.
To add an extra physical server, click on the Physical Servers button on the left pane of the Dashboard. Then, click Connect new server button.
New virtual servers or OS templates can be installed directly on the server using command line tools. In such case need to select physical server and click “Synchronization” button to perform synchronization between panel’s database and actual state of the server.
Creating Users
By default, there will be two users automatically created while installing OpenVZ. One is admin, the infrastructure administrator, and the another is virtual server owner. If you want new users, you can add them too. Also, you can assign any user as a owner to any VPS. The owners can manage, edit the particular VPS details.
To create a new user, Click on the Users button on the left. Then, click Add user.
In this series of tutorials, we have seen how to install and configure OpenVZ on CentOS and Ubuntu systems. Also, we have seen how to create and manage VMS both in text and graphical mode methods. As far as I know, OpenVZ will be very useful in development environments and other R&D departments that are using multiple and different kind of Virtual machines. You can easily create, edit, delete VM in minutes using OpenVZ within minutes. Hope this tutorial series will give you a basic usage and ideas about OpenVZ. For more details, refer the OpenVZ official website.
Squid Proxy is a a great proxy server mainly used for caching frequently requested web content in order to speed up response time and also save network bandwidth. It supports many different protocols such as HTTP, FTP, TLS, SSL, Internet Gopher and HTTPS. Although it was originally designed to run as a daemon on Unix-like systems there have been several ports to windows, but according to wikipedia more current versions are not being developed.
Squid Proxy is released under the GNU General Public License.
In this tutorial you will learn how to install and setup Squid Proxy on Ubuntu and Debian Linux distributions. Just follow each step of this guide carefully and everything will be ok.
How To Install Squid Proxy
There are many ways to install Squid Proxy on Ubunu and Debian systems, one of them is to use the command apt-get install since there is a package of this proxy available in the default repo. First open a new terminal emulator (CTRL+ALT+T) and update the package index like shown below.
sudo apt-get update
Once the update is finished installing Squid Proxy server on Ubuntu and Debian computers is very easy. All you have to do is run the following command.
sudo apt-get install squid
Then you will be asked if you want to continue with the installation. Type Y.
Image may be NSFW. Clik here to view.
Wait for the download and installation to finish.
Image may be NSFW. Clik here to view.
Squid Configuration
Before playing with this proxy there is something we need to do. Open the configuration file of Squid Proxy which is located under the directory /etc.
Depending on the version installed on your system you have to look for a specific path. Try to look for /etc/squid3/squid.conf or /etc/squid/squid.conf. Once you know where your squid.conf configuration file is located then use your favorite text editor to edit it.
I use vim for text editing.
vim /etc/squid3/squid.conf
Once you have opened the squid.conf file you will see something similar to the following.
Image may be NSFW. Clik here to view.
Look for http_access. Nobody can access the Squid Proxy server by default as http_access is set to deny all.
The line will look like shown below.
http_access deny all
In order to start using the Squid Proxy change http_access to allow.
http_access allow
Image may be NSFW. Clik here to view.
Save the file but do not close it yet. We need to setup a hostname for our proxy server. You can use any name you like as Squid Proxy server allows to do that. The default one is localhost.
Find visible_hostname and give the name you want.
Now use the following command to restart the Squid Proxy.
sudo service squid3 restart
If the above command does not work for you just try the other one shown below.
sudo service squid restart
Image may be NSFW. Clik here to view.
I get the following output.
oltjano@baby:~/Desktop$ sudo service squid3 restart
squid3 stop/waiting
squid3 start/running, process 4025
It is time to test if our proxy server is working or not. Go to your web browser’s settings and configure it to use a proxy server. I use Mozilla Firefox so I am going to show you how to do it for this browser. In case you are using Google Chrome or another web browser just google on how to configure your browser to use a proxy server.
Client Side Configuration
For Firefox:
Go to Preferences -> Advanced ->Network and click on Settingsunder Connection. And click on Manual Proxy Configuration like shown below.
Image may be NSFW. Clik here to view.
Inside HTTP Proxy pus the ip address of the Squid server and port 3128 which is the default port being used by Squid Proxy. You can also change the default port by editing it in squid.conf.
MySQL is an open source database management software that helps users store, organize, and retrieve data. It is a very powerful program with a lot of flexibility.
Image may be NSFW. Clik here to view.
This tutorial will explains how to install MySQL, create a sample database, create a table, insert records into the table, and select records from the table.
Installation
You can install mysql using the following command:
On Ubuntu:
sudo apt-get install mysql-server
On Centos:
sudo yum install mysql-server
Follows the steps below to stop and start MySQL
service mysql start
Starting MySQL. [ OK ]
service mysql status
MySQL running (12588)
service mysql stop
Shutting down MySQL. [ OK ]
Verifying Installation
You can check the MySQL installed version by performing mysql -V as shown below:
[local-host]# mysql -V
mysql Ver 14.14 Distrib 5.1.25-rc, for redhat-linux-gnu (i686) using readline 5.1
Access the MySQL shell
Once you have MySQL installed on your droplet, you can access the MySQL shell by typing the following command into terminal:
mysql -u root -p
After entering the root MySQL password into the prompt, you will be able to start building your MySQL database.
mysql -u root -p
Enter password: password
Welcome to the MySQL monitor. Commands end with ; or \g.
Your MySQL connection id is 13
Server version: 5.1.25-rc-community MySQL Community Server (GPL)
Type 'help;' or '\h' for help. Type '\c' to clear the buffer.
mysql>
Creating Databases
After connecting as MySQL root user, you can use this command to create database.
In this example, we will create unixmen database.
mysql> create database;
You can check what databases are available by typing this command:
SHOW DATABASES;
Your screen should look something like this:
mysql> SHOW DATABASES;
+--------------------+
| Database |
+--------------------+
| information_schema |
| mysql |
| performance_schema |
| test |
| unixmen |
| |
+--------------------+
5 rows in set (0.01 sec)
Creating Tables
Before you create a mysql table, you need to choose the database that you want to use:
USE unixmen;
Database changed
The following example creates a article table.
create table article (
id INT AUTO_INCREMENT PRIMARY KEY,
name varchar(20),
number varchar(10),
page int(10)
writing_date DATE);
The command show tables to view all the tables available in the database.
mysql> SHOW TABLES;
+------------------+
| Tables_in_unixmen |
+------------------+
| article |
+------------------+
1 row in set (0.01 sec)
To view the table description, do the following command
mysql>DESCRIBE article;
+-------------+-------------+------+-----+---------+----------------+
| Field | Type | Null | Key | Default | Extra |
+-------------+-------------+------+-----+---------+----------------+
| id | int(11) | NO | PRI | NULL | auto_increment |
| name | varchar(20) | YES | | NULL | |
| number | int(11) | YES | | NULL | |
| page | char(1) | YES | | NULL | |
| writing_date| date | YES | | NULL | |
+-------------+-------------+------+-----+---------+----------------+
5 rows in set (0.01 sec)
Add Information to Tables
Use the following sample insert commands to insert some records to the article table.
insert into article values(1,'article1','4','a','2012-04-13');
insert into article values(2,'article2','5','b','2012-04-14');
insert into article values(3,'article3','6','C','2012-04-15');
insert into article values(4,'article4','7','d','2012-04-16');
You can take a look at your table using this command
mysql> SELECT * FROM article
+----+------- +----------------+-----------+-------------+
| id | name | number | page |wrinting_date|
+----+------- +----------------+-----------+-------------+
| 1 |article1| 1 | a | 2012-04-13 |
| 2 |article2| 2 | b | 2012-04-14 |
| 3 |article3| 3 | c | 2012-04-15 |
| 4 |article4| 4 | d | 2012-04-16 |
+----+--------+----------------+-----------+-------------+
4 rows in set (0.00 sec)
Update Information in the Table
You can update a stored information in the table with this command:
UPDATE `article`
SET
`number` = '6'
WHERE `article`.`name` ='article4';
Delete a Row, a Column and a Table
You can delete rows from the table with the following command:
DELETE from where [column name]=[field text];
mysql> DELETE from article where name='article2';
Query OK, 1 row affected (0.00 sec)
mysql> SELECT * FROM article
+----+------- +----------------+-----------+-------------+
| id | name | number | page |wrinting_date|
+----+------- +----------------+-----------+-------------+
| 1 |article1 | 1 | a | 2012-04-13 |
| 3 |article3 | 3 | c | 2012-04-15 |
| 4 |article4 | 4 | d | 2012-04-16 |
+----+--------+----------------+-----------+-------------+
3 rows in set (0.00 sec)
You can also delete a column using this command
ALTER TABLE [column name];
And type this command if you want to delete all table
Weak passwords are the most common threats to the Information Security. Many users, still, are using the weak passwords which contains their first or last name, DOB, mobile number, father’s/mother’s maiden name, birth place, crush name, so and so. In this fast-faced technology world, it is such a worst idea to have these kind of silly and weak passwords.
As we all know, “the passwords should be easy to remember, but hard to guess”. The strong password should consists of;
At-least 12 or more characters,
Upper/lower characters,
Numeric characters,
Special characters etc.
Also, it is very very bad idea to have the same password for multiple accounts.
But, how do we know the passwords are really strong? Is there any programs or tools to test the strength of the passwords? Indeed, Yes!! Here is where John the Ripper comes in handy. Using this tool, we can easily check the strength of the passwords. John the Ripper will break or crack the simple passwords in minutes, whereas it will take several hours or even days for the complex passwords.
About John the Ripper
John the Ripper is a fast password cracker that can be used to detect weak Unix passwords. Besides several crypt(3) password hash types most commonly found on various Unix systems, supported out of the box are Windows LM hashes, plus lots of other hashes and ciphers in the community-enhanced version. It is currently available for many flavors of Unix, Windows, DOS, BeOS, and OpenVMS.
Install John the Ripper In Linux
John the Ripper is available in the default repositories of the most modern Linux distributions. So, we can easily install it with ‘root’ privileges as shown below depending upon your distribution type.
On DEB based systems, Ex. Ubuntu:
apt-get install john
On RPM based systems, Ex.CentOS:
yum install epel-release
yum install john
On SUSE/openSUSE:
zypper install john
On Arch Linux:
pacman -S john
On Gentoo:
emerge johntheripper
Usage
John the Ripper’s usage is quite simple. You don’t have to use any special cryptographic methods or don’t have to memorize lot of commands to find and break a weak password.
Before Using John tool, It is recommended to check John the Ripper’s efficiency and capabilities.To do this, run:
As you in the above output, this will give the insights about how many username/password combinations per second (c/s) your system will theoretically run for each password hash encryption type.
Well, now, I will show you how to break a simple, weak password.
Let me create a ‘test’ user.
sudo useradd test
Set password to the ‘test’ account:
sudo passwd test
Here, I set the password to the ‘test’ user account as ‘test’, i.e the user name and password are both ‘test’.
There are two ways to break the password.
Method 1:
First, create a text file called ‘recoverpassword.txt‘ in any location.
Then, list the /etc/shadow file contents to find the password entry to the ‘test’ user.
Now, let us start to break the password using command:
john recoverpassword.txt
Sample output:
Loaded 1 password hash (crypt, generic crypt(3) [?/64])
Press 'q' or Ctrl-C to abort, almost any other key for status
test (test)
1g 0:00:00:00 100% 1/3 1.562g/s 150.0p/s 150.0c/s 150.0C/s test..t99999!
Use the "--show" option to display all of the cracked passwords reliably
Session completed
Hurray! As you see above, the password for ‘test’ user has been cracked.
Important: Be mindful that this process will take several minutes, or even days to break a complex password.
Let us take another example. I am going to change the password of the ‘test’ user and see whether the John the Ripper would crack the password.
Let us set different password and try to break the password of ‘test’ user.
Change the ‘test’ user password using command:
sudo passwd test
Enter the new password twice, for example I am going to use the password as ‘welcome’.
Now, list out the /etc/shadow file contents. Then, copy the ‘test’ user entry to the recoverpassword.txt file as shown above.
Now, run the following command:
john recoverpassword.txt
Sample output:
Loaded 1 password hash (crypt, generic crypt(3) [?/64])
Press 'q' or Ctrl-C to abort, almost any other key for status
welcome (test)
1g 0:00:00:15 100% 2/3 0.06591g/s 205.1p/s 205.1c/s 205.1C/s piglet..knight
Use the "--show" option to display all of the cracked passwords reliably
Session completed
As you see, the password for ‘test’ user has been displayed. This process could take only a few minutes, because we’re breaking the very simple password. In case of complex passwords, this take several hours or days. So be prepared accordingly.
To view the cracked passwords, run:
john --show revoverpassword.txt
Sample output:
test:welcome:16518:0:99999:7:::
1 password hash cracked, 0 left
Method 2:
This is somewhat similar to method 1.
Create a new text, for example recoverpassword.txt in any location.
Then, append the contents of /etc/passwd and /etc/shadow files using John the Ripper’s effective utility called ‘unshadow’ .
Now, run the following commands to crack the passwords.
john recoverpassword.txt
Now, you can view the cracked passwords using command:
john --show recoverpassword.txt
Just think what if a hacker could get the /etc/passwd and /etc/shadow files of your Linux server? This could lead you to worst nightmare if your system got compromised by hackers using the passwd and shadow files that he/she has. That’s why we need to audit the passwords regularly and must set a strong password to our system.
John the Ripper combines several cracking modes in one program and is fully configurable for your particular needs.
Wordlist mode
Single Crack mode
Incremental mode
External mode
1. Wordlist mode
It is the Simplest mode supported by John the Ripper. In this mode, you have to specify a wordlist ( i.e a text file containing one word per line) and some password files.
Example:
john --wordlist=mywordlist.lst --rules recoverpassword.txt
Be mindful that the wordlist should not contain any duplicate entries.
2. Single Crack mode
It is the recommended and fastest mode of all. You can even make the cracking process much faster by specifying multiple password files. John the Ripper will start to crack the passwords first using this mode.
3. Incremental mode
In this mode, John the Ripper will try with multiple combination of words to crack the passwords. It is the most powerful of all modes.
Example:
john --incremental recoverpassword.txt
4. External mode
In this mode, you have to create a configuration file section called [List.External:MODE], where MODE is any name that you assign to the mode. The section should contain some functions programmed in a subset of the C language. John will compile and use the functions if you enable this cracking mode via the command line.
For more details about the John the Ripper’s modes can be found here.
Conclusion
What we have seen so far is how to test the strength of the passwords using John the Ripper command line utility. You can come to a conclusion if this tool cracks your passwords in minutes, then it will definitely be a weak password. If it took long time, then you, somewhat, have a strong password and you’re safe. I suggest you to periodically audit and change the passwords.
I sincerely recommend you to use this tool for a good cause. Please don’t attempt to break or steal passwords of others using this tool.
Clement Lefebvre, the Founder and lead developer of LinuxMint, has introduced the brand new bluetooth setup and configuration tool called “Blueberry”. It is a front-end for Gnome-bluetooth-3.14, and it shows a systray icon in your panel and doesn’t annoy you if you don’t have a Bluetooth adapter. It works on any Desktop environment, including MATE, Cinnamon, GNOME, XFCE, and Unity. And ofcourse, it should work on any distribution as long as gnome-bluetooth 3.14 is installed.
We were experiencing issues with blueman within the MATE edition.. and we wondered why we were working on a bluetooth tool for just one particular edition and trying to get an external tool working for us on another, when instead we could simply design a solution that would work across the board for all our desktops.
So we made Blueberry.
He further added,
One key reason why cinnamon-bluetooth isn’t a core part of Cinnamon in the first place, is because we didn’t want Cinnamon to depend on a particular version of gnome-bluetooth. Instead, we want Cinnamon to work everywhere, whether that means it supports bluetooth (like in Mint 17.x) or whether that means it doesn’t (like in Arch/Fedora…etc). As gnome-bluetooth 3.14 no longer provides RFKILL functionality, this functionality had to be part of cinnamon-settings-daemon. Of course we could still package it within the cinnamon-bluetooth project… but we didn’t like that design and the way this was going.
Blueberry will be shipped with upcoming Linux Mint Debian Edition 2 release. Like I said, this is going to be a universal Bluetooth configuration tool for any distributions(Ex.Arch/Fedora, etc.) with any any Desktop environments(Ex.MATE, Cinnamon, Unity, etc).
Picty is a free, simple, yet powerful photo collection manager that will help you to manage your photos. It is designed around managing metadata and a lossless approach to image handling. Picty currently supports both online(web-based) and offline(local) collections. In local collections, the images will be stored in a local folder and it’s sub-folders. A database will be maintained to speed up the image queries in the user’s home folder. In online(web-based) collections, you can upload and share images through a web browser. Ant user with proper rights can share photos to any persons, and each user can have multiple collections open at once and collections can be shared by multiple users. There is a simple interface for transferring images between collections using a transfer plugin.
You can download any number of photos from your Camera or any devices. Also, Picty allows you to browse photo collections from your Camera before downloading it. Picty is lightweight application, and has snappy interface. It supports Linux, and Windows platforms.
Features
Supports big photo collections (20,000 plus images).
Open more than one collection at a time and transfer images between them.
Collections are:
Folders of images in your local file system.
Images on cameras, phones and other media devices.
Photo hosting services (Flickr currently supported).
picty does not “Import” photos into its own database, it simply provides an interface for accessing them wherever they are. To keep things snappy and to allow you to browse even if you are offline, picty maintains a cache of thumbnails and metadata.
Reads and writes metadata in industry standard formats Exif, IPTC and Xmp
Lossless approach:
picty writes all changes including image edits as metadata. e.g. an image crop is stored as any instruction, the original pixels remain in the file
Changes are stored in picty’s collection cache until you save your metadata changes to the images. You can easily revert unsaved changes that you don’t like.
Basic image editing:
Current support for basic image enhancements such as brightness, contrast, color, cropping, and straightening.
Improvements to those tools and other tools coming soon (red eye reduction, levels, curves, noise reduction)
Image tagging:
Use standard IPTC and Xmp keywords for image tags
A tag tree view lets you easily manage your tags and navigate your collection
Folder view:
Navigate the directory heirarchy of your image collection
Multi-monitor support
picty can be configured to let you browse your collection on one screen and view full screen images on another.
Customizable
Create launchers for external tools
Supports plugins – many of the current features (tagging and folder views, and all of the image editing tools) are provided by plugins
Written in python – batteries included!
Installation
1. Install from PPA
Picty developers has a PPA for Debian based distributions, like Ubuntu, to make the installation much easier.
You can either choose existing collection, device or directory. Let us create a new collection. To do that, create New Collection button. Enter the collection, and browse to the path where you have the images stored. Finally, click Create button.
You can modify, rotate, add/remove tags, set descriptive info of each images. To do that, just right click any image and do the actions of your choice.
Visit the following Google group to get more information and support about Picty Photo manager.
Apache Tomcat is an open source software implementation of the Java Servlet and JavaServer Pages technologies. The Java Servlet and JavaServer Pages specifications are developed under the Java Community Process. Apache Tomcat is developed in an open and participatory environment and released under the Apache License version 2. Apache Tomcat is intended to be a collaboration of the best-of-breed developers from around the world. Apache Tomcat powers numerous large-scale, mission-critical web applications across a diverse range of industries and organizations.
Install Tomcat 8 on Ubuntu
In this tutorial, let us see how to install Tomcat 8 on Ubuntu 14.04 and 14.10. Also, the same method will work on other Ubuntu derivatives.
My machine:
Linux ubuntu 3.16.0-30-generic #40~14.04.1-Ubuntu SMP Thu Jan 15 17:43:14 UTC 2015 x86_64 x86_64 x86_64 GNU/Linux
unixmen@ubuntu:~$ sudo tar -zxvf apache-tomcat-8.0.21.tar.gz -C /var/local/
Controlling Apache Tomcat:
Apache Tomcat can be started and stopped by the script which comes with package, start the Apache Tomcat.
unixmen@ubuntu:~# sudo /var/local/apache-tomcat-8.0.21/bin/startup.sh
Using CATALINA_BASE: /var/local/apache-tomcat-8.0.21
Using CATALINA_HOME: /var/local/apache-tomcat-8.0.21
Using CATALINA_TMPDIR: /var/local/apache-tomcat-8.0.21/temp
Using JRE_HOME: /usr
Using CLASSPATH: /var/local/apache-tomcat-8.0.21/bin/bootstrap.jar:/var/local/apache-tomcat-8.0.21/bin/tomcat-juli.jar
Tomcat started.
unixmen@ubuntu:~#
You can verify the service running, by default tomcat runs on port no 8080.
Web manager is password protected, requires user name and password to access. Only the user with the “manager-gui” role is allowed to access, these users and roles are defined in tomcat-users.xml. By default “manager-gui” role not defined that file, you have to add it manually.
unixmen@ubuntu:~$ sudo vi /var/local/apache-tomcat-8.0.21/conf/tomcat-users.xml
PowerDNS is an open source, high performance, and DNS server. It runs on many GNU/Linux, Unix, and Mac OS X systems. It is written using C++, and released under the GPLv2. It uses popular Databases, such as MySQL, MariaDB, PostgreSQL, and Oracle etc., to read the Zone files and records.
In this tutorial, let us see how to install PowerDNS on Ubuntu 14.04. Also, the same steps will work on Debian and it’s derivatives.
Install PowerDNS On Ubuntu
Scenario:
Operating system: Ubuntu 14.04 LTS server
IP Address: 192.168.1.250/24
Hostname: server.unixmen.local
Update your system:
First of all, update your system:
sudo apt-get update && sudo apt-get upgrade -y
Setup MySQL:
sudo apt-get install mysql-server mysql-client
During installation you’ll be asked to set MySQL root user password. While it’s not mandatory, It is highly recommended.
The next step is we should now create the necessary database, user account, tables, and records etc., for the PowerDNS.
Enter to MySQL prompt using command:
sudo mysql -u root -p
Create database, namely ‘powerdns’. You can define your own.
CREATE DATABASE powerdns;
Create database user, namely ‘poweruser’.
GRANT ALL ON powerdns.* TO 'poweruser '@'localhost' IDENTIFIED BY 'ubuntu';
Here,
powerdns – is the database;
poweruser – is the database user,
ubuntu – is the password for the ‘poweruser’ user.
I recommend you to use any strong password to tighten the security.
Enter the following command to update the user settings.
FLUSH PRIVILEGES;
Now, use the powerdns database with command:
USE powerdns;
Create the necessary tables and records.
First, let us create domains table:
CREATE TABLE domains (
id INT auto_increment,
name VARCHAR(255) NOT NULL,
master VARCHAR(128) DEFAULT NULL,
last_check INT DEFAULT NULL,
type VARCHAR(6) NOT NULL,
notified_serial INT DEFAULT NULL,
account VARCHAR(40) DEFAULT NULL,
primary key (id)
);
Create Unique Index for domains table:
CREATE UNIQUE INDEX name_index ON domains(name);
Create records table:
CREATE TABLE records (
id INT auto_increment,
domain_id INT DEFAULT NULL,
name VARCHAR(255) DEFAULT NULL,
type VARCHAR(6) DEFAULT NULL,
content VARCHAR(255) DEFAULT NULL,
ttl INT DEFAULT NULL,
prio INT DEFAULT NULL,
change_date INT DEFAULT NULL,
primary key(id)
);
Create the following indexes for records table:
CREATE INDEX rec_name_index ON records(name);
CREATE INDEX nametype_index ON records(name,type);
CREATE INDEX domain_id ON records(domain_id);
Create the supermasters table:
CREATE TABLE supermasters (
ip VARCHAR(25) NOT NULL,
nameserver VARCHAR(255) NOT NULL,
account VARCHAR(40) DEFAULT NULL
);
Finally, exit from MySQL prompt using command:
quit;
Configure PowerDNS
Now, we should configure PowerDNS to use MySQL as backend to store Zone files and records.
auto lo
iface lo inet loopback
# The primary network interface
auto eth0
iface eth0 inet static
address 192.168.1.250
netmask 255.255.255.0
network 192.168.1.0
broadcast 192.168.1.255
gateway 192.168.1.1
dns-nameservers 192.168.1.250
dns-search home
We completed all installation and configuration parts. Now, we will check whether PowerDNS is really working or not.
First check if PowerDNS is listening:
sudo netstat -tap | grep pdns
Sample output:
tcp 0 0 *:domain *:* LISTEN 1549/pdns_server-in
Now, enter the following command to check PowerDNS is working:
sudo dig @127.0.0.1
Or,
sudo dig @localhost
Sample output:
; <<>> DiG 9.9.5-3-Ubuntu <<>> @127.0.0.1
; (1 server found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 65075
;; flags: qr rd; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1
;; WARNING: recursion requested but not available
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 2800
;; QUESTION SECTION:
;. IN NS
;; Query time: 4 msec
;; SERVER: 127.0.0.1#53(127.0.0.1)
;; WHEN: Mon Mar 30 14:38:58 IST 2015
;; MSG SIZE rcvd: 29
Or,
sudo dig @192.168.1.250
Where, 192.168.1.250 is my PowerDNS server’s IP address.
Sample output:
; <<>> DiG 9.9.5-3-Ubuntu <<>> @192.168.1.250
; (1 server found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 39576
;; flags: qr rd; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1
;; WARNING: recursion requested but not available
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 2800
;; QUESTION SECTION:
;. IN NS
;; Query time: 0 msec
;; SERVER: 192.168.1.250#53(192.168.1.250)
;; WHEN: Mon Mar 30 14:39:49 IST 2015
;; MSG SIZE rcvd: 29
That’s it. PowerDNS is ready to use. In our upcoming tutorials, let us see how to install and configure PowerDNS web panel called “PowerAdmin”, and how to create zone files and record files.
Poweradmin is a free, web-based PowerDNS administration tool. Using this tool, anyone, even a novice user, can easily manage PowerDNS. Poweradmin allows us to easily define Zone files and record types. The current version of Poweradmin is adapted from a very old version of Poweradmin that was originally written by Jorn Ekkelenkamp and Roeland Nieuwenhuis. The current version has extended enhancements, feature and performance improvements.
Poweradmin is released under GPL, and it supports GNU/Linux, Windows, and Mac OS X.
Features
The following are the list notable features of Poweradmin.
Full support for all zone types: master, native or slave.
Full support for supermasters, for automatic provisioning of slave zones.
Full support for A, AAAA, CNAME, HINFO, MX, NS, PTR, SOA, SRV and TXT record types.
Multi-language support.
Support for larger databases.
Support for custom layouts.
Enhanced user and permission management setup. It now allows for fine-grained control of the permissions a user has, using “permission templates”, assigned to users.
Full support for IPv6.
And many.
Install Poweradmin
In this tutorial, let us see how to install Poweradmin in DEB and RPM based systems.
Install Poweradmin On RPM based systems:
First, make sure you have installed PowerDNS on your system.
After running the above commands, refresh your web page. You should see the following screen. Select your preferred language and Click Go to step 2 button.
“This installer expects you to have a PowerDNS database accessable from this server. This installer also expects you to have never ran Poweradmin before, or that you want to overwrite the Poweradmin part of the database. If you have had Poweradmin running before, any data in the following tables will be destroyed: perm_items, perm_templ, perm_templ_items, users and zones. This installer will, of course, not touch the data in the PowerDNS tables of the database. However, it is recommended that you create a backup of your database before proceeding.”
That means, if you have any zone files created in your PowerDNS server, plas backup them first.
This is the important step. Keep attention. Enter the database username and password to connect to the database. As you may know, we have created the database for PowerDNS with proper permission during PowerDNS installation in our previous articles. Also, select your database type(Ex.MySQL, PostgreSQL etc). Enter the name of the PowerDNS database and the password of the Poweradmin administrator. This administrator has full rights to Poweradmin using the web interface.
powerdns (You can also use ‘root’ in the Username section) – The username to use to connect to the database, make sure the username has sufficient rights to perform administrative task to the PowerDNS database (the installer wants to drop, create and fill tables to the database).
MySQL – The type of the PowerDNS database.
localhost – The hostname on which the PowerDNS database resides. Frequently, this will be “localhost”.
3306 – The port the database server is listening on.
powerdns – The name of the PowerDNS database.
If you have entered the correct values, you should see the following screen. Otherwise, make sure you have entered the correct database name, user name and password details.
Now, enter the username and password for Poweradmin. This new user will have limited rights only. Click Go to step 5 button to continue.
hostmaster.unixmen.local – When creating SOA records and no hostmaster is provided, this value here will be used. Should be in the form “hostmaster.example.net”.
ns1.unixmen.local – When creating new zones using the template, this value will be used as primary nameserver. Should be like “ns1.example.net”.
ns2.unixmen.local – When creating new zones using the template, this value will be used as secondary nameserver. Should be like “ns2.example.net”.
Click Go to step 6 to update records in the PowerDNS database.
Now, the installer will ask you should now create the file “../inc/config.inc.php” in the Poweradmin root directory yourself. And update the contents of the config.inc.php file with the contents as shown in the below screen.
If you want support for the URLs used by other dynamic DNS providers, run “cp install/htaccess.dist .htaccess” and enable mod_rewrite in Apache.
You must remove the directory “install/” from the Poweradmin root directory. You will not be able to use Poweradmin if it exists.
rm -fr /var/www/html/poweradmin/install/
After you have removed the directory, you can login to Poweradmin web console using URL http://IP-address/poweradmin/index.php with username “admin” and password “centos”(which we created in the previous steps).
DNS, stands for Domain Name System, translates hostnames or URLs into IP addresses. For example, if we type www.unixmen.com in browser, the DNS server translates the domain name into its associated ip address. Since the IP addresses are hard to remember all time, DNS servers are used to translate the hostnames like www.unixmen.com to 173.xxx.xx.xxx. So it makes easy to remember the domain names instead of its IP address.
In this tutorial, we will see how to setup and configure DNS server on Ubuntu 14.04 LTS. Also, the same method will work on Debian and its derivatives.
Setup DNS Server In Ubuntu 14.04
Scenario
For the purpose of this tutorial, I will be using three nodes. One will be acting as Master DNS server, the second system will be acting as Secondary DNS, and the third will be our DNS client. Here are my three systems details.
Primary (Master) DNS Server Details:
Operating System : Ubuntu 14.04 64bit minimal server
Hostname : masterdns.unixmen.local
IP Address : 192.168.1.101/24
Secondary (Slave) DNS Server Details:
Operating System : Ubuntu 14.04 32bit minimal server
Hostname : secondarydns.unixmen.local
IP Address : 192.168.1.102/24
Client Details:
Operating System : Ubuntu 14.04 desktop
Hostname : client.unixmen.local
IP Address : 192.168.1.103/24
Setup Caching Server
In this configuration BIND9 will find the answer to name queries and remember the answer for the next query. This can be useful for a slow internet connection. By caching DNS queries, you will reduce bandwidth and (more importantly) latency.
The default configuration is setup to act as a caching server. All that is required is simply adding the IP Addresses of your ISP’s DNS servers. Caching server is opt for low Internet connection.
Install bind9 packages using command:
sudo apt-get install bind9 bind9utils bind9-doc
Then edit /etc/bind/named.conf.options file,
sudo vi /etc/bind/named.conf.options
Simply uncomment and edit the following in /etc/bind/named.conf.options:
forwarders {
8.8.8.8;
};
Restart bind9 service.
sudo service bind9 restart
Test Caching Server
Run the following command to test it.
dig -x 127.0.0.1
Sample output:
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 60612
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 1, ADDITIONAL: 3
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;1.0.0.127.in-addr.arpa. IN PTR
;; ANSWER SECTION:
1.0.0.127.in-addr.arpa. 604800 IN PTR localhost.
;; AUTHORITY SECTION:
127.in-addr.arpa. 604800 IN NS localhost.
;; ADDITIONAL SECTION:
localhost. 604800 IN A 127.0.0.1
localhost. 604800 IN AAAA ::1
;; Query time: 4 msec
;; SERVER: 192.168.1.101#53(192.168.1.101)
;; WHEN: Thu Apr 09 14:51:36 IST 2015
;; MSG SIZE rcvd: 132
Setup Primary (Master) DNS Server
You can use the same server for both Primary and Caching server.
Install bind9 packages on your server if not installed.
sudo apt-get install bind9 bind9utils bind9-doc
1. Configure Master DNS Server
DNS configuration files are stored in /etc/bind directory. Primary configuration file is /etc/bind/namd.conf.
Edit ‘/etc/bind/named.conf’ file.
sudo vi /etc/bind/named.conf
Make sure it contains the following lines. If not, add them.
include "/etc/bind/named.conf.options";
include "/etc/bind/named.conf.local";
include "/etc/bind/named.conf.default-zones";
Save and close the file.
Then, edit named.conf.local,
sudo vi /etc/bind/named.conf.local
Add the lines as shown in bold:
zone "unixmen.local" {
type master;
file "/etc/bind/forward.unixmen";
allow-transfer { 192.168.1.102; };
also-notify { 192.168.1.102; };
};
zone "1.168.192.in-addr.arpa" {
type master;
file "/etc/bind/reverse.unixmen";
allow-transfer { 192.168.1.102; };
also-notify { 192.168.1.102; };
};
Here,
forward.unixmen – Forward zone file
reverse.unixmen – Reverse zone file
192.168.1.102 – Slave DNS server
2. Create Zone files
Create forward and reverse zone files which we defiend in the ‘/etc/bind/named.conf.local’ file.
2.1 Create Forward Zone
Create Forward Zone file name forward.unixmen in /etc/bind/zones,
sudo vi /etc/bind/forward.unixmen
Add the following lines:
$TTL 86400
@ IN SOA masterdns.unixmen.local. root.unixmen.local. (
2011071001 ;Serial
3600 ;Refresh
1800 ;Retry
604800 ;Expire
86400 ;Minimum TTL
)
@ IN NS masterdns.unixmen.local.
@ IN NS secondarydns.unixmen.local.
@ IN A 192.168.1.101
@ IN A 192.168.1.102
@ IN A 192.168.1.103
masterdns IN A 192.168.1.101
secondarydns IN A 192.168.1.102
client IN A 192.168.1.103
2.2 Create Reverse Zone
Create Forward Zone file name reverse.unixmen in /etc/bind/zones,
sudo vi /etc/bind/reverse.unixmen
Add the following lines:
$TTL 86400
@ IN SOA masterdns.unixmen.local. root.unixmen.local. (
2011071002 ;Serial
3600 ;Refresh
1800 ;Retry
604800 ;Expire
86400 ;Minimum TTL
)
@ IN NS masterdns.unixmen.local.
@ IN NS secondarydns.unixmen.local.
@ IN PTR unixmen.local.
masterdns IN A 192.168.1.101
secondarydns IN A 192.168.1.102
client IN A 192.168.1.103
101 IN PTR masterdns.unixmen.local.
102 IN PTR secondarydns.unixmen.local.
103 IN PTR client.unixmen.local.
Secondary DNS server is optional, but recommended. If the master DNS server goes down, the Secondary DNS server will take charge and answer the queries. You need an additional server to setup Slave DNS server.
Install bind9 packages using the following command:
sudo apt-get install bind9 bind9utils bind9-doc
1. Configure Slave DNS Server
Edit ‘/etc/bind/named.conf’ file.
sudo vi /etc/bind/named.conf
Make sure it contains the following lines. If not, add them.
include "/etc/bind/named.conf.options";
include "/etc/bind/named.conf.local";
include "/etc/bind/named.conf.default-zones";
Save and close the file.
Then, edit named.conf.local,
sudo vi /etc/bind/named.conf.local
Add the lines as shown in bold:
zone "unixmen.local" {
type slave;
file "/var/cache/bind/forward.unixmen";
masters { 192.168.5.101; };
};
zone "1.168.192.in-addr.arpa" {
type slave;
file "/var/cache/bind/reverse.unixmen";
masters { 192.168.5.101; };
};
Here,
forward.unixmen – Forward zone file
reverse.unixmen – Reverse zone file
192.168.1.101 – Master DNS server
The zone file must be in /var/cache/bind/ because, by default, AppArmor only allows write access inside it.
Add the DNS Server details in your network interface config file.
sudo vi /etc/network/interfaces
# This file describes the network interfaces available on your system
# and how to activate them. For more information, see interfaces(5).
# The loopback network interface
auto lo
iface lo inet loopback
# The primary network interface
auto eth0
iface eth0 inet static
address 192.168.1.102
netmask 255.255.255.0
network 192.168.1.0
broadcast 192.168.1.255
gateway 192.168.1.1
dns-nameservers 192.168.1.101
dns-nameservers 192.168.1.102
dns-search home
Save and close the file.
Reboot your system.
5. Test DNS Server
After logging in to your server, run the following commands to check if DNS server is really working or not.
Method 1:
dig masterdns.unixmen.local
Sample Output:
; <<>> DiG 9.9.5-3-Ubuntu <<>> masterdns.unixmen.local
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 20290
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 2, ADDITIONAL: 2
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;masterdns.unixmen.local. IN A
;; ANSWER SECTION:
masterdns.unixmen.local. 86400 IN A 192.168.1.101
;; AUTHORITY SECTION:
unixmen.local. 86400 IN NS masterdns.unixmen.local.
unixmen.local. 86400 IN NS secondarydns.unixmen.local.
;; ADDITIONAL SECTION:
secondarydns.unixmen.local. 86400 IN A 192.168.1.102
;; Query time: 5 msec
;; SERVER: 192.168.1.101#53(192.168.1.101)
;; WHEN: Thu Apr 09 14:32:38 IST 2015
;; MSG SIZE rcvd: 125
Method 2:
dig secondarydns.unixmen.local
Sample Output:
; <<>> DiG 9.9.5-3-Ubuntu <<>> secondarydns.unixmen.local
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 53461
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 2, ADDITIONAL: 2
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;secondarydns.unixmen.local. IN A
;; ANSWER SECTION:
secondarydns.unixmen.local. 86400 IN A 192.168.1.102
;; AUTHORITY SECTION:
unixmen.local. 86400 IN NS masterdns.unixmen.local.
unixmen.local. 86400 IN NS secondarydns.unixmen.local.
;; ADDITIONAL SECTION:
masterdns.unixmen.local. 86400 IN A 192.168.1.101
;; Query time: 5 msec
;; SERVER: 192.168.1.101#53(192.168.1.101)
;; WHEN: Thu Apr 09 14:33:02 IST 2015
;; MSG SIZE rcvd: 125
Zimbra Collaboration Suite, shortly ZCS, is an Open Source, free for personal use, collaborative software platform for email, calendaring, tasks and more. It is currently being developed and maintained by Zimbra, Inc. ZCS is completely extensible and secure for your Organization or customers. We can deploy ZCS either on premises or private and public clouds easily. Since, we have direct control over ZCS, the data is completely safe and secure. It provides Mobile-enabled browsers and mobile apps, so you can collaborate anywhere, from any device. ZCS will easily fit into your existing solutions and infrastructure and quickly add additional functionality via Open APIs. You can use ZCS in small, medium-size enterprises to very large organizations. In short, it supports any size of the organization all over the world.
ZCS comes in two flavours, Open Source edition(Free), and Network Edition(Paid). ZCS consists of client and server components, and a desktop client. Zimbra Desktop is a full-featured free desktop email client. The ZCS Web Client is a full-featured collaboration suite that supports email, group calendars, and document sharing using an Ajax web interface. ZCS can synchronize mail, contacts, and calendar items with open-source mail clients such as Evolution, and also with proprietary clients such as Microsoft Outlook and Apple Mail. Zimbra also provides native two-way sync to many mobile devices such as Nokia Eseries, BlackBerry, Windows Mobile, iPhone, Android etc..
The ZCS uses the following list of open source projects.
Postfix
MariaDB
MySQL
OpenDKIM
OpenLDAP
Jetty
Apache Tomcat
Lucene
ClamAV
SpamAssassin
Amavis (amavisd-new)
DSPAM
Aspell
James
nginx
ØMQ
Perdition mail retrieval proxy
And many
Install Zimbra Collaboration Suite In Ubuntu
We already have posted article about ZCS installation and configuration CentOS 7. If you’re planning to deploy ZCS in any RPM based distros, check out the following link.
; <<>> DiG 9.9.5-3ubuntu0.2-Ubuntu <<>> mail.unixmen.local mx
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 18016
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 2, ADDITIONAL: 4
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;mail.unixmen.local. IN MX
;; ANSWER SECTION:
mail.unixmen.local. 86400 IN MX 0 mail.unixmen.local.
;; AUTHORITY SECTION:
unixmen.local. 86400 IN NS secondarydns.unixmen.local.
unixmen.local. 86400 IN NS masterdns.unixmen.local.
;; ADDITIONAL SECTION:
mail.unixmen.local. 86400 IN A 192.168.1.250
masterdns.unixmen.local. 86400 IN A 192.168.1.101
secondarydns.unixmen.local. 86400 IN A 192.168.1.102
;; Query time: 5 msec
;; SERVER: 192.168.1.101#53(192.168.1.101)
;; WHEN: Fri Apr 10 17:36:53 IST 2015
;; MSG SIZE rcvd: 162
If your Ubuntu server is behind router/firewall, you should forward at least port 25 from your router/firewall to your Ubuntu server.
Great, now we have added the proper DNS records, and it’s working well.
Now, we will install Zimbra.
Download and install Zimbra Collaboration Suite:
Please note that deploy ZCS in freshly installed system. You cannot have any other web server, database, LDAP, or MTA server running, when you install the Zimbra software. If you have installed any of the applications before you install Zimbra software, disable these applications. During the Zimbra Collaboration installation, Zimbra makes global system changes that may break applications that are on your server.
Now, Go to ZCS open source download page and download the latest version depending upon your OS type. Here, we are deploying ZCS in Ubuntu 14.04 LTS,
Now, start ZCS installer with the following command:
sudo ./install.sh
Keep attention. You might have to answer several questions.
First, accept the license agreement.
Operations logged to /tmp/install.log.7384
Checking for existing installation...
zimbra-ldap...NOT FOUND
zimbra-logger...NOT FOUND
zimbra-mta...NOT FOUND
zimbra-dnscache...NOT FOUND
zimbra-snmp...NOT FOUND
zimbra-store...NOT FOUND
zimbra-apache...NOT FOUND
zimbra-spell...NOT FOUND
zimbra-convertd...NOT FOUND
zimbra-memcached...NOT FOUND
zimbra-proxy...NOT FOUND
zimbra-archiving...NOT FOUND
zimbra-core...NOT FOUND
PLEASE READ THIS AGREEMENT CAREFULLY BEFORE USING THE SOFTWARE.
ZIMBRA, INC. ("ZIMBRA") WILL ONLY LICENSE THIS SOFTWARE TO YOU IF YOU
FIRST ACCEPT THE TERMS OF THIS AGREEMENT. BY DOWNLOADING OR INSTALLING
THE SOFTWARE, OR USING THE PRODUCT, YOU ARE CONSENTING TO BE BOUND BY
THIS AGREEMENT. IF YOU DO NOT AGREE TO ALL OF THE TERMS OF THIS
AGREEMENT, THEN DO NOT DOWNLOAD, INSTALL OR USE THE PRODUCT.
License Terms for the Zimbra Collaboration Suite:
http://www.zimbra.com/license/zimbra-public-eula-2-5.html
Do you agree with the terms of the software license agreement? [N] y ## Type Y and Enter
Then, select the packages to install. I install all packages. Just press Enter to install each packages. Finally, enter ‘Y’ to install selected packages.
Select the packages to install
Install zimbra-ldap [Y] ## Press Enter
Install zimbra-logger [Y] ## Press Enter
Install zimbra-mta [Y] ## Press Enter
Install zimbra-dnscache [Y] ## Press Enter
Install zimbra-snmp [Y] ## Press Enter
Install zimbra-store [Y] ## Press Enter
Install zimbra-apache [Y] ## Press Enter
Install zimbra-spell [Y] ## Press Enter
Install zimbra-memcached [Y] ## Press Enter
Install zimbra-proxy [Y] ## Press Enter
Checking required space for zimbra-core
Checking space for zimbra-store
Checking required packages for zimbra-store
zimbra-store package check complete.
Installing:
zimbra-core
zimbra-ldap
zimbra-logger
zimbra-mta
zimbra-dnscache
zimbra-snmp
zimbra-store
zimbra-apache
zimbra-spell
zimbra-memcached
zimbra-proxy
The system will be modified. Continue? [N] y ## Type Y and press Enter
Now, installer continues again. After a couple of seconds, you’ll see the Zimbra main menu.
Main menu
1) Common Configuration:
2) zimbra-ldap: Enabled
3) zimbra-logger: Enabled
4) zimbra-mta: Enabled
5) zimbra-dnscache: Enabled
6) zimbra-snmp: Enabled
7) zimbra-store: Enabled
+Create Admin User: yes
+Admin user to create: admin@mail.unixmen.local
******* +Admin Password UNSET
+Anti-virus quarantine user: virus-quarantine.qhae0rny@mail.unixmen.local
+Enable automated spam training: yes
+Spam training user: spam.bijxe4tbpz@mail.unixmen.local
+Non-spam(Ham) training user: ham.noduijvbx@mail.unixmen.local
+SMTP host: mail.unixmen.local
+Web server HTTP port: 8080
+Web server HTTPS port: 8443
+Web server mode: https
+IMAP server port: 7143
+IMAP server SSL port: 7993
+POP server port: 7110
+POP server SSL port: 7995
+Use spell check server: yes
+Spell server URL: http://mail.unixmen.local:7780/aspell.php
+Enable version update checks: TRUE
+Enable version update notifications: TRUE
+Version update notification email: admin@mail.unixmen.local
+Version update source email: admin@mail.unixmen.local
+Install mailstore (service webapp): yes
+Install UI (zimbra,zimbraAdmin webapps): yes
8) zimbra-spell: Enabled
9) zimbra-proxy: Enabled
10) Default Class of Service Configuration:
s) Save config to file
x) Expand menu
q) Quit
Address unconfigured (**) items (? - help)
Now, you must configure the unconfigured items. The unconfigured items will be shown with a couple of stars(****) in front of them.
As you see in the above output, the ‘admin password’ item is not configured. This unconfigured item is found under Zimbra Store module, which is number 7.
To setup the admin password, enter number 7.
Address unconfigured (**) items (? - help) 7
Then, you will see the following sub-menu. Now, enter ‘4’ to set the admin user password.
Store configuration
1) Status: Enabled
2) Create Admin User: yes
3) Admin user to create: admin@mail.unixmen.local
** 4) Admin Password UNSET
5) Anti-virus quarantine user: virus-quarantine.qhae0rny@mail.unixmen.local
6) Enable automated spam training: yes
7) Spam training user: spam.bijxe4tbpz@mail.unixmen.local
8) Non-spam(Ham) training user: ham.noduijvbx@mail.unixmen.local
9) SMTP host: mail.unixmen.local
10) Web server HTTP port: 8080
11) Web server HTTPS port: 8443
12) Web server mode: https
13) IMAP server port: 7143
14) IMAP server SSL port: 7993
15) POP server port: 7110
16) POP server SSL port: 7995
17) Use spell check server: yes
18) Spell server URL: http://mail.unixmen.local:7780/aspell.php
19) Enable version update checks: TRUE
20) Enable version update notifications: TRUE
21) Version update notification email: admin@mail.unixmen.local
22) Version update source email: admin@mail.unixmen.local
23) Install mailstore (service webapp): yes
24) Install UI (zimbra,zimbraAdmin webapps): yes
Select, or 'r' for previous menu [r] 4
Set password for the admin user. Use any strong password. Press enter to update the password.
Password for admin@mail.unixmen.local (min 6 characters): [OaInFVvE] ubuntu@123
Now, enter ‘r’ to return to previous menu.
Select, or 'r' for previous menu [r] r
Configuration is complete now. Press ‘a’ to apply.
*** CONFIGURATION COMPLETE - press 'a' to apply
Select from menu, or press 'a' to apply config (? - help) a
Finally, type ‘yes’ to complete the setup.
Save configuration data to a file? [Yes]
Save config in file: [/opt/zimbra/config.17562]
Saving config in /opt/zimbra/config.17562...done.
The system will be modified - continue? [No] yes
After few minutes, you will see the installation completed message.
Access Zimbra Admin Web console
Open up your web browser and type: https://ip-address:7071 or https://domain-name:7071 in the address bar.
Enter the user name as ‘admin’ and the admin password which you have setup in the above steps.
Similarly, we can create, edit, delete users, mail-ids, domains, and also other kind administration tasks such as monitoring users, setup Quotas for Users etc.
Access Zimbra User’s Web console
The users can access their mails using this console.
Type: https://ip-address/ or https://domain-name/ in the address bar. Log in with valid user name and password which we have created in the Zimbra Admin console.
And, run the following command to completely uninstall Zimbra and and all its components.
sudo ./install.sh -u
Finally, delete Zimbra installation directory:
cd ..
sudo rm -rf zcs-*
Done!
We, just, have covered the installation and basic configuration part. For complete details about installation and usage, I recommend you to have a look at the below links.
Installing and configuring Zimbra is like a piece of cake. ZCS installation is quite easy if you follow the above steps carefully. You don’t have to be a master In Linux. Everything will be automatically configured during ZCS installation. If you’re not satisfied with Open Source edition, purchase the enterprise version to have complete features and Zimbra professional support.
Security and privacy are the two biggest concerns in Web, right? Indeed. In this highly sophisticated technological world, security and privacy are just dreams. No one is 100% secure ever in online. But the good news is some tech enthusiasts and companies are desperately trying to develop number of software that will help us to stay safe and secure in online. And, we should appreciate them for their consistent work to keep us safe(atleast a little bit) in online. Today, we will discuss about a Web browser called “Dooble” that can be used mainly for security and privacy.
About Dooble Web Browser
Dooble is yet another web browser among the popular web browsers, such as Firefox, Google Chrome, and Opera etc. But Dooble is slightly different from the other browsers. Yes, it’s main goal is to provide the web experience in a safe way. Unfortunately, Dooble isn’t really opt for everyday usage right now. You can use it whenever you want security and privacy in Web. It is a nice and user friendly browser, comes with many potential features, including a download manager, a file manager, a FTP Browser, authenticated encryption, Content blocking, and Private browsing etc. It supports Linux, Mac OS X, BSD, and Windows operating systems.
Features
Dooble comes with the following features by default.
Advertisements blocking.
Always HTTPS.
Colorful and unique desktop.
Complex configuration options.
Configurable exceptions.
Cookies manager.
Downloads manager.
Encrypted bookmarks, browsing history, cookies, disk caches, etc.
History browser, including side panel.
Integrated file manager and FTP browser.
Per-tab JavaScript, Per-tab Web plugins, and Per-tab private cookies.
Plugins support.
Session restoration.
Print-in-PDF support
And many
Install Dooble in Ubuntu and derivatives
Add the following PPA:
sudo add-apt-repository ppa:richard-sellam/ppa
Update the software sources:
sudo apt-get update
Then, install Dooble using command:
sudo apt-get install dooble
Dooble is Simple and Light weight
Dooble is light-weight than modern web browsers. When I launch it first, It displayed a warning message that says:
A passphrase has not been prepared. Please visit the Safe panel in the Settings window and choose a passphrase. Once a passphrase is selected, bookmarks, cookies, and all other essential information will be available in future sessions. You may disable this reminder via the Safe panel.
You’ll be warned to set the passphrase first. It’s because, you will need a passphrase to view the bookmarks, cookies, and all other important information in future. If you don’t set the passphrase, cookies, bookmarks, and history are no longer available. Each user’s profile will be encrypted including the guest profiles.
Click Ok to close the warning message. We will setup passphrase later.
The look and interface of Dooble is very simple. No glitches, no fancy windows, it’s just simple. Dooble has a Menu bar that having ten menu items, an address bar, and a History sidebar by default. You can select any search engines of your choice from the History sidebar.
As I mentioned before, Dooble requires a passphrase to remember your history. Once you close the browser, everything will be wiped out from the Dooble’s memory. Temporary sessions will not be remembered until you setup passpharase.
To setup a passphrase, go to Windows -> Settings -> Safe.
Enter the passphrase. Passphrase should be 16 characters long.
Now, you will notice that the Dooble is remembering the previous opened websites.
Dooble is Clean
When I open a browse a website using Dooble, It opens thems a little bit faster than other browsers. Because, it simply bans all ads, flash contents, and JavaScript by default.
You can create, delete, or rename the folders within this file manager. It will list the folder contents by name, size, type, modified date, accessed date, owner, group. and permissions etc.
Sadly, the file manager is limited for some operations. For example, if you open a media file, it doesn’t automatically play using any Media player. Instead, it will ask you to select an application manually to play it. We can select default applications only for few file types from the Dooble Settings window.
Dooble’s IRC Channel
Dooble’s IRC Channel is another notable feature. We can use Dooble as a IRC client as well. To open the Dooble’s IRC channel, go to Locations -> IRC Channel.
Dooble’s IRC Channel is powered by qwebirc, which is a fast, easy to use, free and open source IRC client designed by and originally just for the QuakeNet IRC network
Also, Dooble allows you to add a Webchat option to your site. To add webchat option to your site, click on the Connection details on the top left side of the Dooble’s IRC Channel page.
You’ll see the following window. This wizard will help you create an embedded client by asking you questions then giving you the code to add to your website.
The another interesting feature is we can use Dooble as our FTP client. You don’t need a separate FTP client to access your FTP servers. Dooble will simply replace the FTP client software.
Here, we will access the FreeBSD public FTP site.
Enter the following URL: ftp://ftp.freebsd.org/pub/FreeBSD in the address bar to access FreeBSD public FTP site.
Setup proxy server IP address if you to connect to Internet
Setup default applications for particular filetypes
Customize the Dooble’s appearance, font size, font name etc.
History settings and disk cache size
Master Passphrase
Setup HTTPS option as default
Setup “Do not track me”, Suppress HTTP redirect, Suppress HTTP referrer” options etc.
Enable Flash and JavaScript
Adjusting Menu and Side bars
Disable Private browsing. It is enabled by default
And many.
Conclusion
Dooble provides many of the features that a modern Web browser should. But, I would say, Dooble is not yet ready for daily usage. It still needs good amount of work, additional features, and polish to be good daily usage web browser. Also, It has some buggies. I can’t or find a way to enable more add-ons. Also, there is lack of documentation for Dooble’s usage. Apart from the few issues, Dooble is a worth to try.
If you are mainly concerning about privacy and security, Dooble is the recommended option to give it a try. You won’t be disappointed.
Django is a free and open source tool used to store data into a lightweight SQLite database file. It is a high level and flexible Python web framework. In this article, we will explain how you can make the installation and configuration of PostgreSQL in order to be able to use it with Django applications on Ubuntu.
Let’s start by introducing the PostgreSQL. In fact it is an open source object relational database system. It has been released since 15 years, during which it earned a strong reputation due to its reliability, data integrity and correctness. PostgreSQL could be used with all existing operating systems, such Linux, UNIX and windows. All the data types are existed with this tool such INTEGER, NUMERIC, BOOLEAN, CHAR, VARCHAR, DATE, and others. This tool also supports storage of binary large objects, including pictures, sounds and videos.
Before starting it is required to have a clean Ubuntu server instance with a non-root user set up which also must be configured using “sudo” privileges”.
Configure PostgreSQL With Django Application
Installing the needed components from Ubuntu repository:
We will start our tutorial by installing all the needed components from our Ubuntu repository. So we will need the “pip”, python package manager, the database software and the associated libraries to interact with them. We will use the following command to do this:
There is an operating system named “postgres” which was created during the installation of the Postgres to correspond to the postgres PostgreSQL administrative user. So it is required to change into this user to be able to perform administrative tasks using:
sudo su - postgres
The “peer authentification” is used automatically by Postgres with local connections. It means that if the user’s operating system username corresponds to a valid Postgres username, so the connection will be without authentication. Now you can log into the Postgres session by using the following command:
psql
We will start by creating the Database for our project. So will give it the name: ”projectdata” as the given name with the installation of this tool on Centos 07 in our previous article. Of course you can make your own name:
CREATE DATABASE projectdata;
It is important to finish each command at SQL with semicolon. Now we will create a database user which will be used to connect to and interact with the database, so you have to enter your password here:
CREATE USER projectdatauser WITH PASSWORD ‘password’;
We will make some changes for the connection parameters using the following commands:
ALTER ROLE projectdatauser SET client_encoding TO ‘utf8’;
ALTER ROLE projectdatauser SET default_transaction-isolation TO ‘read committed’
ALTER ROLE projectdatauser SET timezone TO ‘UTC’;
Now we will give our database user access rights to the database already created using the following command:
GRANT ALL PRIVILEGES ON DATABASE projectdata TO projectdatauser;
Then typing the following command to exit the SQL prompt:
\q
And the last command in this section is used to exit the postgres user’s shell session.
exit
Installation of Django:
Now we will start the installation of our Django and all its dependencies within Python virtual environment. To get the virtual environment package you have to use the following command:
sudo pip install virtualenv
Then use the following command to have a directory for your Django project:
mkdir ~/projectdata
cd ~/projectdata
And to finish the creation of your virtual environment use the following command:
virtualenv projectdataenv
Using the previous command, you will have a local copy of python and pip into our made directory projectdataenv (you can call it with other name depending on the first name you made).
Now we will activate the virtual environment before starting the installation using the following command:
source projectdataenv/bin/activate
You will remark that you are working now with your virtual environment after using this command. So now we can start the installation of the Django using the pip command. Type the following command to do that:
pip install django psycopg2
The psycopg2 will be also installed since it will enable us to use our configured database.
Using the “projectdata” created directory, we can start our Django project using the following command:
django-admin.py startproject projectdata .
Configuration of Django database settings:
Now we will configure our project in order to use the created database. We will open the main Django project settings file using the following command:
nano ~/projectdata/projectdata/settings.py
At the end of this file there is a “DATABASES” section which is configured to SQLite as a database.
Now we will test our Django project starting by the migration of our data structures to our database using the following command:
cd ~/projectdata
python manage.py makemigrations
python manage.py migrate
Then type the following command to create an administrative account while you will be asked to choose a username, an e-mail address and a password:
python manage.py createsuperuser
Now we will start our Django project using the following command:
python manage.py runserver 0.0.0.0:8000
Then visit your server’s domain name or IP address followed by :8000 to find default Django root page. (You can do this with any web browser).
http://server_domain_or_IP:8000
Then add the “/admin” to the end of the URL, that you be in front of the login screen. So enter your username and password already created that you will be taken to the admin interface. You can stop the development server using the Ctrl+C on your terminal window.
Conclusion
The installation and configuration of the PostgreSQL in Ubuntu was described in this article and previously the installation of this tool for Centos 07 also was described. So now you can use this tool as the backend database for a Django project with Centos or Ubuntu.
Telegram is a cloud based messaging application characterized by its fast speed and security features. Currently, it is used by a very large user base and it is the preferred one for them since it has a lot of features that make it different from others. It is similar to WhatsApp but instead of caring more about money than user’s privacy like what does WhatsApp. Telegram is a free and open source application while the user’s privacy is one of its priorities. It is used by every mobile platform, including Android, iOS, Windows Phone, Ubuntu Touch. It is also important to know that it can be used on desktops, thanks to third party applications such as Webogram (Chrome extension), Sigram (Linux native client) and others. Recently, the official desktop apps was released for Linux, Windows, and Mac OS X.
In this article, we will list the features of this modern cloud based messaging application that allows you to share pictures, videos and even files. Then, the installation will be outlined.
Features of Telegram
The identification formula with Telegram consists in the mobile number of the user. A SMS will be sent or a call will be made to give the verification code to the possessor of the entered phone number. The phone number for the verification can be changed without losing the old messages. Discussions with groups may be made, send pictures also.
From its different features, we can list the following ones:
Its availability for desktop and mobile devices: Android, Iphone/Ipad, Windows phone, Web-Version, PC, Mac and Linux.
A heavily encrypted and self-destruct messages are available. The messages access can be from multiple devices and platform.
Several security measures to protect it from different hackers.
It has a very fast speed of processing and message delivery.
It is a very powerful application, no limit to media and chats.
It supports desktop notifications, stickers and sending, receiving files of photos and others.
After 6 months of inactivity, the concerned user account will be deleted automatically.
There are two types of chats, either an ordinary one which uses client server encryption and can be accessed from multiple devices or the secret chats which uses end-to-end encryption and can be accessed just by the two participating devices.
Installing Telegram in Linux
To install Telegram in Linux you have just to download it from the official website. Your operating system will be detected directly and you will see the button which you have to select responding to your needs. Or, you can use the “wget” command to download it directly as you see in the following line:
You will receive the code by SMS or by phone call. So enter this verification code, your first and last name too. Then, click in “Signup” button. You have now a Telegram account, so you can start adding your contact by entering their first name, last name and their phone number.
You can start chatting using Telegram interface from every device.
Use Telegram for Ubuntu as an application
Now we will give you the instructions to make Telegram available for your user only. We consider that you are using GNOME or UNITY. So we will start by extracting the download archive from the Telegram website, (if you did it previously you don’t need to repeat it now), then open a terminal window and use the following command to create the needed file for your desktop environment:
Nano .local/share/applications/telegram.desktop
This command will enable you to open the “nano” editor where you can create a new file.
You can see in the contents of the opened editor everything you need for this new file: the name, the image, the directory and the type, and the icon.
After getting this image, replace the username with your own username in your desktop; save it using “ctrl+o”, confirm it using “Enter” and exit using “ctrl+x”.
Now you will need a few other commands to start using Telegram: so you will need to add the PPA (Personal Package Archive) using the following command:
sudo add-apt-repository ppa:noobslab/apps
Then update your Ubunto software sources using the following command:
Sudo apt-get update
Now you can install your Telegram application for your desktop using the following command:
Sudo apt-get install telegram-desktop
So you are able to start using Telegram on your Ubuntu system.
Install Telegram in other Linux Distros
The previous command can’t be with every version of Linux, since not all of them can get an installation through personal package archive of an Arch user repository. If those option you don’t have with your system, so you will install Telegram with the standard method as fellow:
So start by downloading the tar archive of Telegram from its official website, then open up a terminal window:
cd ~/downloads
This command will help you to find the downloaded tar archive. Then extract this folder:
tar –xJvf tsetup.0.7.6.tar
Place the extracted folder in your selected directory using the following command:
Sudo mv Telegram /opt/telegram
Then create a link to be able to run Telegram using the following command:
Different messaging applications are used in our days, like iMessage, Google Hangouts, Viber, Whatsapp, Facebook Messenger and many others. All of them are great for use but they don’t have a desktop version. With Telegram isn’t the case you can get a great desktop application which can be opened with pc of mobile. Telegram is a messaging app with a focus on speed and security. It’s super-fast, simple, secure and free. It seamlessly syncs across all of your devices and can be used on desktops, tablets and phones alike where you can send an unlimited amount of messages, photos, videos and files of any type (.doc, .zip, .pdf, etc.).
OpenLiteSpeed is a free and open source HTTP server developed by LiteSpeed Technologie. OpenLiteSpeed is a high-performance, lightweight application gives the ability to free download, use, distribute, and modify its source code under the conditions of the third version of the GNU General Public License. It supports Apache rewrites rules via the Admin page and it is used to manage and serve sites.
In this article we will explain how to install and configure OpenLiteSpeed on an Ubuntu server.
OpenLiteSpeed features
OpenLiteSpeed has a large set of features where we can list the following ones:
It is characterized by its high performance coding using kqueue (FreeBSD and OS X), epoll (Linux), /dev/poll (Solaris), and poll.
and event-driven architecture with extremely low resource (CPU and RAM) overhead
It is a support light weight with a minimal CPU and memory footprint
It is compatible to Apache rewrite rules
It is also characterized by WebAdmin GUI with real-time statistics and High-performance page caching.
It has an easy virtual host configuration via templates
Before starting the installation, it is required to have a non-root user account configured on your server and complete with “sudo” privileges.
Installation of OpenLiteSpeed
We will start our installation by updating the local package index file and by installing all the needed components. So use the following command to update the file:
sudo apt-get update
And this command to install the needed components which will be used to compile the software:
Now we will install the OpenLiteSpeed from its official website (http://open.litespeedtech.com/mediawiki/index.php/Downloads) it is recommended to install the version 1.3.10 to make its installation using this article. Copy the link address which will be used in the following commands to make the installation with the “wget” command:
After making the download extract the file and move to its directory using the following commands:
tar xzvf openlitespeed*
cd openlitespeed*
Then use the following command to configure the software and to compile it:
sudo ./configure
sudo make
And to start the installation of this software into your system use the following command:
sudo make install
You can find it under the /usr/local/lsws directory.
Now we will need the MySQL database to be able to store data. So if you haven’t an installed MySQL you can use the following instructions. You can make the installation of the MySQL database management system from the Ubuntu’s repositories using the following command:
sudo apt-get install mysql-server
Then, enter an administrative password while making the installation and initialize the MySQL directory structure using the following command:
sudo mysql_install_db
sudo mysql_secure_installation
After typing those commands, enter your made administrative password, you will have also the possibility to change or to keep the same password. Then press “enter” to accept the default suggestions.
Now we will start the web server. We will start by changing the administrative password using the following command:
sudo /usr/local/lsws/admin/misc/admpass.sh
By default, the “admin” username will be chosen and if you want you can change. After changing the password and the username use the following command to start the web server:
sudo service lsws start
Then access to the default web page by navigating to your domain name or IP address using the following command:
http://your_server_domain_or _your_IP:8088
After discovering and surfing through this site, we will move to the administrative interface using the following command:
https://your_server_domain_or_your_IP:7080
You will be informed that the SSL from the server can’t be validated, which is a self-signed certificate. Click through the available options to proceed to the site. You will be asked to enter the administrative name and password already done with the “admpass.sh”.
After the authentication you will be in front of the OpenLiteSpeed administration interface.
Now we will change the port from the one used by the default site “8088” to the conventional port “80”. So we will do as follow:
Under the “Configuration” menu item in the menu bar select the “listeners”.
Under the “listeners” click on the “View/Edit” button.
Click the edit button in the top-right corner of the “Address Settings” table and change the port “8088” to the port “80” then click “save”.
To restart the server, under the “Actions” menu select “Graceful Restart”.
Image may be NSFW. Clik here to view.
Everything associated with OpenLiteSpeed can be found under the following directory.
/usr/local/lsws
If you want to stop the OpenLiteSpeed use the following command:
/usr/local/lsws/bin/lswsctrl stop
And if you aren’t satisfied and want to remove completely the installed directory use the following command:
rm -rf /usr/local/lsws
So you will lose nothing give it a try and discover this tool.
Conclusion
In this article, we gave you the instructions to fellow for installing the OpenLiteSpeed application and also MySQL database management system in an Ubuntu server. The OpenLiteSpeed is a great performance interface used to manage and serve site.
![Ubuntu 14.04 [Running] - Oracle VM VirtualBox_003](http://www.unixmen.com/wp-content/uploads/2015/03/Ubuntu-14.04-Running-Oracle-VM-VirtualBox_003.png)
![Ubuntu 14.04 [Running] - Oracle VM VirtualBox_002](http://www.unixmen.com/wp-content/uploads/2015/03/Ubuntu-14.04-Running-Oracle-VM-VirtualBox_002.png)
