Uncategorised

Secure Online Banking with Linux USB Live

by

Abstract:

Online banking is becoming a very popular way to satisfy our banking needs and this even includes people with no or very little technical background. There are numerous advantages when doing banking transactions online, such as 24/7 bank opening hours, ability to make transactions from anywhere in the world and convenience. The only problem is that we do not take our secured home PC everywhere with us. Consequently, the use of other computer and operating system rather than our own for online banking may involve a great security risk. However, what we can and usually carry on us everywhere we go is some sort of the USB key storage device. This article describes a way of building our own customized Online banking USB live Desktop.

Introduction

Solution to online banking by having an USB key with some bootable Live Linux distribution solely dedicated to serve our online banking needs can be very handy not even when traveling, but also when used on day to day basis. Usually, computers are shared among colleges, family members or friends and therefore chances are very high that our personal details will be made available to some fraudsters and their sophisticated scams and software. What is more, encrypting our non-persistent USB key will make Live USB online banking desktop worthless when falling into enemy hands. Therefore, there is no harm of storing our online passwords directly on the USB itself using an application such as gorilla-password ( double encryption ). Perhaps the outcome of this guide is not as good as the famous IronKey with all its shiny features, but we would all missed the fun if there will be no space to improve it.

This article will comprise of four major sections:

  • build Debian USB live image
  • customize desktop environment within USB live image
  • rebuild USB live image with customized environment and encryption
  • transfer USB LIVE image to USB memory device

Prerequisites

Hardware

  • USB key with minimum size of 512 MB
  • PC with USB slot

Software

The software prerequisites are very simple and straight forward. All what is needed is a running Debian or Ubuntu desktop with live-helper and qemu packages.

Read more

Raspbian GNU/Linux upgrade from Wheezy to Raspbian Jessie 8

by

The upgrade from Raspbian Wheezy to Raspbian 8 Jessie is a fairly simple procedure. However, a caution must be exercised as there is always a chance to break the entire system. The less packages and services are installed the more likely you will be able successfully upgrade your Raspbian Linux system.

Recommendations:

  • Remove unnecessary packages
  • Fully upgrade your current system
  • Make a data backup
  • Although there should not be a problem to perform update via SSH it is recommended to perform upgrade directly using console

Read more

Choosing the right Linux File System Layout using a Top-Bottom Process

by

July 31, 2009
By Pierre Vignéras

Abstract:

As you may probably know, Linux supports various filesystems such as ext2, ext3, ext4, xfs, reiserfs, jfs among others. Few users really consider this part of a system, selecting default options of their distribution’s installer. In this article, I will give some reasons for a better consideration of the file-system and of its layout. I will suggest a top-bottom process for the design of a “smart” layout that remains as stable as possible over time for a given computer usage.

Introduction

The first question that you may ask is why are there so many file-systems, and what are their differences if any? To make it short (see wikipedia for details):

  • ext2: it is THE Linux fs, I mean, the one that was specifically designed for linux (influenced by ext and Berkeley FFS). Pro: fast; Cons: not journalized (long fsck).
  • ext3: the natural ext2 extension. Pro: compatible with ext2, journalized; Cons: slower than ext2, as many competitors, obsolete today.
  • ext4: the last extension of the ext family. Pro: ascending-compatibility with ext3, big size; good read performance; cons: a bit too recent to know?
  • jfs: IBM AIX FS ported to Linux. Pro: mature, fast, light and reliable, big size; Cons: still developed?
  • xfs: SGI IRIX FS ported to Linux. Pro: very mature and reliable, good average performance, big size, many tools (such as a defragmenter); Cons: none as far as I know.
  • reiserfs: alternative to ext2/3 file-system on linux. Pro: fast for small files; Cons: still developed?

There are other file-systems, in particular new ones such as btrfs, zfs and nilfs2 that may sound very interesting too. We will deal with them later on in this article.

So now the question is: which file-system is the most suitable for your particular situation? The answer is not simple. But if you don’t really know, if you have any doubt, I would recommend XFS for various reasons:

Read more

Encrypted Wordpress hash password generator

by

Sometimes you may need to reset your Wordpress password directory by updating a password filed of your wordpress wp_users table. The required password needs to a salted MD5 string. The easiest way to generate a Wordpress hash password from a plain test is to use openssl.

For example let’s create a new Wordpress hash password string from a plain text such as wordpress_pass:

$ openssl passwd -1 'wordpress_pass'
$1$ldalRXj4$wOZp2NjBYsn0UosVKj68N0

Read more

IPwatchD an IP conflict detection tool for Linux

by

IPwatchD an IP conflict detection tool for Linux

Project name: IPwatchD – IP conflict detection tool
Author: Jaroslav Imrich
Project’s Home Page: IPwatchD

 

Introduction

When using a GNU/Linux operating system, from time to time you may come across a situation where network connectivity was interrupted due to the IP conflict. An IP conflict event occurs when two or more hosts on the same network are configured with identical IP addresses. At the present, there appears to be no code in the Linux kernel to take care of this situation by means of appropriate Gratuitous ARP response . Very often a network administrator is left in the complete ignorance by the Linux kernel and needs to troubleshoot IP conflict the hard way. An IP Address Conflict GUI dialog triggered by IPwatchD Daemon Fortunately, there is a simple daemon called IPwatchD which main purpose is to catch and evaluate packets on the network and this way is able to prevent an IP conflict occurrence. This is done by help of libpcap library. IPwatchD daemon is written in C language and can run in passive or active modes. The difference between a passive and active mode is that in the passive mode IPwatchD only logs every IP conflict event by engaging syslog daemon, and in active mode IPwatchD takes one step further and responds to Gratuitous ARP request which is the main construction block when it comes to the IP conflict prevention. This article will explore this simple daemon in terms of installation, configuration and usage.

Prerequisites

Before we can install IPwatchD under the GNU/Linux operating system it is recommended to confirm that all prerequisites needed by IPwatchD are installed on the system. Here is a list of packages you would need to install on Ubuntu 8.10. 

 * build-essential - C compiler and other development tools
  * libpcap-dev     - Network packet capture library
  * libnet1-dev     - Network packet construction library
  * libnotify-dev   - sends desktop notifications to a notification daemon

On ubuntu or debian linux you can install those packages with a following linux command: 

# apt-get install build-essential libpcap-dev libnet1-dev libnotify-dev

Read more

Redirect or block traffic based on country geographical location using Apache mod_geoip

by

In this config you will learn how to block or redirect web traffic based on the visitor’s country geographical location using Apache’s geoip mod.

Apache mod_geoip installation

Assuming that you already have Apache webserver installed and running we start by the installation of mod_geoip:

UBUNTU/DEBIAN
# apt-get install libapache2-mod-geoip
CENTOS/REDHAT/FEDORA ( epel enabled only )
# yum install mod_geoip.x86_64

Read more

How to obtain a laptop battery information and charging state on Linux

by

The following linux commands will help you to obtain the information about your laptop battery such as manufacturer, part type, capacity, voltage etc. First, tool which can be used for this job is dmidecode command. If you currently do not have dmidecode available on your Linux system you can install it by:

UBUNTU/DEBIAN
# apt-get install dmidecode
CENTOS/FEDORA
# yum install dmidecode

next, using dmidecode we can obtain some hardware information about our battery:

# dmidecode -t 22
# dmidecode 2.12
SMBIOS 2.6 present.

Handle 0x002E, DMI type 22, 26 bytes
Portable Battery
        Location: Rear
        Manufacturer: LGC
        Name: 42T4942
        Design Capacity: 93240 mWh
        Design Voltage: 11100 mV
        SBDS Version: 03.01
        Maximum Error: Unknown
        SBDS Serial Number: 073C
        SBDS Manufacture Date: 2012-03-23
        SBDS Chemistry: LION
        OEM-specific Information: 0x00000000

Read more

Remove all containners based on docker image name

by

Questions:
How can I remove all docker containers based on a docker image name. I do not wish to remove all available containers, only the those which are based on particular image. For example I would like to remove all containers based on image centos:7.

Answer:
To remove all docker containers based on centos:7 run the following linux command:

# docker ps -a | awk '{ print $1,$2 }' | grep centos:7 | awk '{print $1 }' | xargs -I {} docker rm {}

Read more