- Free and Open Source network access control (NAC) system - PacketFence

If your network is a breeding ground for worms, PacketFence is for you. If you have no idea who connects to your network and who owns a particular computer, PacketFence is for you. If you have no way of mapping a network policy violation to a user, PacketFence is for you.

PacketFence is a fully supported, trusted, Free and Open Source network access control (NAC) system. Boasting an impressive feature set including a captive-portal for registration and remediation, centralized wired and wireless management, 802.1X support, layer-2 isolation of problematic devices, integration with the Snort IDS and the Nessus vulnerability scanner; PacketFence can be used to effectively secure networks - from small to very large heterogeneous networks.

Continue Reading...


source:http://linuxpoison.blogspot.com/2011/04/13578167759332.html

- Create jigsaw puzzle from pictures with Picpuz

Picpuz is an on-screen "jigsaw puzzle". You can take almost any image file and break it into many pieces which you can then reassemble using the mouse.

You can control the size of the puzzle and the number of pieces (tens to thousands). You can save an unfinished puzzle and resume it later.

You can take almost any image (jpeg, tiff, png ...) and scramble it into many pieces (tens to hundreds). You can then reassemble the picture using the mouse to move the pieces around.
Continue Reading...


source:http://linuxpoison.blogspot.com/2011/04/135781677515045.html

- UI Application for checking websites and HTML documents for broken links - linkchecker

It's easy to do a manual check for broken link for a small sites but it's not possible for carrying out the same manual tasks when you sites contains 1000's web pages and these pages keep's on getting added or deleted at the same time, for this you need some sort of automation tool which can do the same job for you in very effective and smart way, With LinkChecker, you can check HTML documents and Web sites for broken links.Linkchecker also provides a graphical interface "linkchecker-gui" to check links of websites and HTML documents.

Continue Reading...


source:http://linuxpoison.blogspot.com/2011/04/13578167752766.html

- Test your hacking skills - WackoPicko

WackoPicko is a website that contains known vulnerabilities. It was first used for the paper Why Johnny Can't Pentest: An Analysis of back-box Web Vulnerability Scanners found:
http://cs.ucsb.edu/~adoupe/static/black-box-scanners-dimva2010.pdf

WackoPicko Install Instructions:
Import the WackoPicko database into MySQL using a command like the following:
mysql -u <user> -p < current.sql
This will create the MySQL user wackopicko with the password webvuln!@# as well as create the wackopicko table. The wackopicko table contains all of the data that was present while testing the scanners in Why Johnny Can't Pentest.

Continue Reading...


source:http://linuxpoison.blogspot.com/2011/04/135781677511550.html

- Checks existence of open proxy - proxycheck

Open proxies of various kinds are used nowadays for various evil things like sending mass spam, hacking into your machine, making denial of service attacks (DoS) and the like. Every such machine should be either secured properly or turned off permanently, but that's not an option, since in most cases there is either no administrator of such machines exists at all, or he has no clue about what's on that machine, or it's irrelevant for him. So the only way to stop massive abuse made via such machines is to block them. Also, network administrators (of an ISP for example) are able to warn their clients whenever they are running an insecure proxy services - periodical scanning of client's network may also be a good idea.

This command-line tool, proxycheck, may be used for such purpose. Currently, it understands 3 types of proxy servers: HTTP proxies that allows you to CONNECT to any host:port, SOCKS v4 and v5 proxies, wingate "telnet" proxy servers of various kinds (incl. e.g. CCProxy variants and others), and FTP proxies that are able to create transparent connections.

Continue Reading...


source:http://linuxpoison.blogspot.com/2011/04/135781677518222.html

- UI Application for Image Batch Processing - Phatch

Phatch is a simple to use cross-platform GUI Image Batch Processor which handles all popular image formats and can duplicate (sub) folder hierarchies. Phatch can batch resize, rotate, apply perspective, shadows, rounded corners, ... and more in minutes instead of hours or days if you do it manually. Phatch allows you to use EXIF and IPTC tags for renaming and data stamping. Phatch also supports a console version to batch photos on webservers.

Continue Reading...


source:http://linuxpoison.blogspot.com/2011/04/13578167754725.html

- Secure Encryption and Decryption of files and streams - ccrypt

ccrypt is a command line utility for encrypting and decrypting files and streams. It was designed as a replacement for the standard Unix crypt utility, which is notorious for using a very weak encryption algorithm. ccrypt is based on the Rijndael cipher, which is the U.S. government's chosen candidate for the Advanced Encryption Standard (AES). This cipher is believed to provide very strong security. A compatibility mode is included for decrypting legacy "unix crypt" files.

Unlike unix crypt, the algorithm provided by ccrypt is not symmetric, i.e., one must specify whether to encrypt or decrypt. The most common way to invoke ccrypt is via the commands ccencrypt and ccdecrypt. There is also a ccat command for decrypting a file directly to the terminal, thus reducing the likelihood of leaving temporary plaintext files around. In addition, there is a compatibility mode for decrypting legacy unix crypt files. An emacs mode is also supplied for editing encrypted text files.

Continue Reading...


source:http://linuxpoison.blogspot.com/2011/04/135781677512773.html

- Protect SSH server from dictionary attacks using iptables

iptables is built on top of netfilter, iptables is the packet alteration framework for Linux 2.4.x and 2.6.x. It is a major rewrite of its predecessor ipchains, and is used to control packet filtering, Network Address Translation (masquerading, portforwarding, transparent proxying), and special effects such as packet mangling.

If you are using SSH then you will sooner or later notice someone trying to hack into your box using dictionary attacks. You can use the iptables module recent to limit a minimum time between new connections from the same IP.

Continue Reading...


source:http://linuxpoison.blogspot.com/2011/04/135781677519839.html

- SQL injection Tool - Havij

We are NOT responsible for any damage or illegal actions caused by the use of this program. 
Use on your own risk!

SQL injection is yet another common vulnerability that is the result of lax input validation. Unlike cross-site scripting vulnerabilities that are ultimately directed at your site’s visitors, SQL injection is an attack on the site itself—in particular its database. The goal of SQL injection is to insert arbitrary data, most often a database query, into a string that’s eventually executed by the database. The insidious query may attempt any number of actions, from retrieving alternate data, to modifying or removing information from the database

Continue Reading...


source:http://linuxpoison.blogspot.com/2011/05/13578167755772.html

- Allow Remote Ronnections Acess to MySQL Server

MySQL by default allows you to connect to it via localhost, you can not connect to MySQL server directly from some remote IP address.

To enable remote mysql access you just need to perform a little editing in the mysql configuration file. Open the mysql configuration file -- /etc/mysql/my.cnf and look for line
bind-address = 127.0.0.1
Change the above line (Comment out) with following and save the changes
#bind-address = 127.0.0.1

Continue Reading...


source:http://linuxpoison.blogspot.com/2011/05/13578167756134.html

- UI Forensic Tool for File Information - FileInfo

FileInfo is an GUI forensic tool for Ubuntu Linux written in Python, that helps you in identifying files with specific values for certain attributes in order to search and sort these files and present the results in an easily readable tabular fashion.

Using fileinfo you can access this information for many files at once without opening these files individually with a dedicated application, which can be very time consuming.

FileInfo features includes:
 * Meta Data Information
 * String ASCII and Unicode
 * Hash MD5 and SHA1
 * Malicious PDF Analyzer
 * Detect and Show PE32 Information
 * Detect and Extract Thumbnail from JPEG file

FileInfo Installation:
Download Fileinfo from here and extract the content using command:
$ tar xfz fileinfo-x.tar.gz
Then change into the newly created directory ``fileinfo`` and install `fileinfo` by running the following command::
$ bash fileinfo --install




source:http://linuxpoison.blogspot.com/2011/05/135781677510676.html

- How To Generate QR Code under Ubuntu Linux

A QR Code (it stands for "Quick Response") is a mobile phone readable barcode - simply encode a URL into the QR Code and then point a mobile phone (or other camera-enabled mobile) at it. If the device has had QR Code decoding software installed on it, it will fire up its browser and go straight to that URL.

But it doesn't stop there - a QR Code can also contain a phone number, an SMS message, V-Card data or just plain alphanumeric text, and the scanning device will respond by opening up the correct application to handle the encoded data appropriately courtesy of the FNC1 Application Identifiers that are embedded in the encoded data.

The technical specifications for a QR Code are set down in the ISO-18004 standard so they are the same all over the world, and the only significant variations from one QR code to another (apart from the data it contains) is the number of modules required to store the data.

Continue Reading...


source:http://linuxpoison.blogspot.com/2011/05/135781677514998.html

- Opensource Profiling and performance tunning for .Net Applications - SlimTune

SlimTune is a free profiler and performance analysis/tuning tool for .NET based applications, including C#, VB.NET, and more. It provides many powerful features, such as remote profiling, real time results, multiple plugin-based visualizations, and much more. The source code is available under the terms of the MIT License.

SlimTune is currently an early beta, but it is fully functional and considered ready for use in most cases. Both x86 and x64 targets are supported, but only sampling based profiling is available in the current release.

SlimTune Features
Live Profiling - Why should you have to wait until your program has ended to see results? SlimTune reports results almost immediately, while your code is still running. See your bottlenecks in real-time, not after the fact.

Continue Reading...


source:http://linuxpoison.blogspot.com/2011/06/135781677516312.html

- How to Upgrade Ubuntu Using an Alternate ISO Image

If your computer is not able to run the standard Desktop installation CD, you can use an Alternate installation CD instead. The Alternate CD also allows more advanced installation options which are not available with the Standard LiveCD.

To upgrade Ubuntu from an ISO file, you need the Alternate version CD, NOT the regular Ubuntu Desktop CD. Alternate CD ISO image file of any release can be found here: http://releases.ubuntu.com/.

Continue Reading...


source:http://linuxpoison.blogspot.com/2011/06/13578167758695.html

- How to Create ISO-9660 CD-ROM filesystem images - genisoimage

genisoimage is a pre-mastering program to generate ISO9660/Joliet/HFS hybrid filesystems. genisoimage takes a snapshot of a given directory tree, and generates a binary image which will correspond to an ISO9660 and/or HFS filesystem when written to a block device.

Install genisoimage using command:
sudo apt-get install genisoimage

Continue Reading...


source:http://linuxpoison.blogspot.com/2011/06/135781677518383.html

- Scan for Potential Security flaws in source code - Graudit

Graudit is a little script and signature sets that allows you to find potential security flaws in source code using the GNU utility grep. It's comparable to other static analysis applications like RATS, SWAAT and flaw-finder while keeping the technical requirements to a minimum and being very flexible.

Graudit supports scanning code written in several languages; asp, jsp, perl, php and python.

Graudit Usage:
Graudit supports several options and tries to follow good shell practices. For a list of the options you can run graudit -h or see below. The simplest way to use graudit is;
Continue Reading...


source:http://linuxpoison.blogspot.com/2011/06/135781677518867.html

- How to Measure the Throughput of a Network- Iperf

Iperf is a commonly used network testing tool for measuring maximum TCP and UDP bandwidth performance (throughput) of a network. Iperf allows the tuning of various parameters and UDP characteristics. Iperf reports bandwidth, delay jitter, datagram loss.

Iperf allows the user to set various parameters that can be used for testing a network, or alternately for optimizing or tuning a network. Iperf has a client and server functionality, and can measure the throughput between the two ends, either unidirectonally or bi-directionally. It is open source software and runs on various platforms including Linux, Unix and Windows.

Typical Iperf output contains a timestamped report of the amount of data transferred and the throughput measured. Iperf is significant as it is a cross-platform tool that can be run over any network and output standardized performance measurements. Thus it can be used for comparison of wired and wireless networking equipment and technologies in an unbiased way.
Continue Reading...


source:http://linuxpoison.blogspot.com/2011/06/135781677511530.html

- How to reinstall GRUB 2 in Ubuntu using Live Distribution CD

GRUB 2 introduces many new changes. GRUB 2 has better portability and modularity, supports non-ASCII characters, dynamic loading of modules, real memory management, and more and is totally different from its predecessor, menu.lst doesn't even exist, it is replaced by grub.cfg which have little resemblance with menu.lst.

Using a Live distribution
The first thing to do is start the live-cd and open a terminal type the following command to see the partitions on different hard disks:
$ sudo fdisk-l
Continue Reading...


source:http://linuxpoison.blogspot.com/2011/06/13578167754468.html

- Recover deleted files using Foremost

Foremost is a console program to recover files based on their headers, footers, and internal data structures. This process is commonly referred to as data carving. Foremost can work on image files, such as those generated by dd, Safeback, Encase, etc, or directly on a drive. The headers and footers can be specified by a configuration file or you can use command line switches to specify built-in file types. These built-in types look at the data structures of a given file format allowing for a more reliable and faster recovery.

Originally developed by the United States Air Force Office of Special Investigations and The Center for Information Systems Security Studies and Research and now foremost has been opened to the general public.

Continue Reading...


source:http://linuxpoison.blogspot.com/2011/06/135781677519020.html

- Keed track of Configuration file changes under /etc - etckeeper

etckeeper is a collection of tools to let /etc be stored in a git, mercurial, darcs, or bzr repository. It hooks into apt (and other package managers including yum and pacman-g2) to automatically commit changes made to /etc during package upgrades. It tracks file metadata that revison control systems do not normally support, but that is important for /etc, such as the permissions of /etc/shadow. It's quite modular and configurable, while also being simple to use if you understand the basics of working with revision control.

etckeeper installation:
Open your terminal and type following command to install etckeeper:
sudo apt-get install etckeeper
Continue Reading...


source:http://linuxpoison.blogspot.com/2011/06/135781677512073.html

- Download or Stream Video/Audio files from Youtube - Gmediafinder

Gmediafinder is a software to search stream an/or download audio or video files form YouTube and other similar sites and you also don't required browser or flash player, Gmediastreamer support full screen mode (double click on the video), visualizations, you can also select the preferred resolution for the playing the video files.

In addition to YouTube, Gmediastreamer supports the following search engines:
Dilandau: A European-run MP3 search engine that allows you to “Download music for FREE”, though with a limited catalogue.  
MP3Realm: Now pointing to azmp3s.com, another slightly shady looking MP3 search engine that offers streaming, downloading and a lyrics lookup service. I’ve noticed not all files will stream, for some unknown reason. 
Skreemr: An MP3 search engine that claims to deliver music, remixes, podcasts and ringtones and works well. 
Tagoo: A Russian MP3 search engine, quite possibly legal in Russia but probably not anywhere else. Some adverts on the site are probably NSFW (not safe for work) but accessing via Gmediafinder gets rid of those anyway! 
Imusicz: Another questionable search engine that comes with its own status page that you can check if your results aren’t showing up.

Continue Reading...


source:http://linuxpoison.blogspot.com/2011/06/13578167758367.html

- How to Install Gnome 3 on Ubuntu 11.04 (Natty Narwhal)

Unity is a shell interface for the GNOME desktop environment developed by Canonical for its Ubuntu operating system. Unity debuted in the netbook edition of Ubuntu 10.10. It is designed to make more efficient use of space given the limited screen size of netbooks, including, for example, a vertical application switcher called the launcher. Unlike GNOME, KDE Software Compilation, or Xfce, Unity is not a collection of applications but designed to be used with existing GTK+ programs.

Ubuntu has traditionally used the full GNOME desktop environment; founder Mark Shuttleworth cited philosophical differences with the GNOME team over the user experience to explain why Ubuntu would use Unity as the default desktop instead of GNOME Shell, beginning April 2011, with Ubuntu Natty Narwhal (11.04).

Continue Reading...


source:http://linuxpoison.blogspot.com/2011/06/135781677510263.html

- Utility for automatic management and monitoring of Information Technology Systems - Monit

Monit can start a process if it does not run, restart a process if it does not respond and stop a process if it uses too much resources. You can use Monit to monitor files, directories and filesystems for changes, such as timestamps changes, check-sum changes or size changes. You can also monitor remote hosts; Monit can ping a remote host and can check TCP/IP port connections and server protocols. Monit is controlled via an easy to use control file based on a free-format, token-oriented syntax. Monit logs to syslog or to its own log file and notifies you about error conditions and recovery status via customizable alert.

Monit Features
 * Daemon mode - poll programs at a specified interval
 * Monitoring modes - active, passive or manual
 * Start, stop and restart of programs
 * Group and manage groups of programs
 * Process dependency definition
 * Logging to syslog or own log file
 * Configuration - comprehensive control file
 * Run-time and TCP/IP port checking (tcp and udp)
 * SSL support for port checking
 * Unix domain socket checking
 * Process status and process timeout
 * Process cpu usage
 * Process memory usage
 * Process zombie check
 * Check the systems load average
 * Check a file or directory timestamp
 * Alert, stop or restart a process based on its characteristics
 * MD5 checksum for programs started and stopped by monit
 * Alert notification for program timeout, restart, checksum, stop resource and timestamp error
 * Flexible and customizable email alert messages
 * Protocol verification. HTTP, FTP, SMTP, POP, IMAP, NNTP, SSH, DWP,LDAPv2 and LDAPv3
 * An http interface with optional SSL support to make monit accessible from a web browser

Continue Reading...


source:http://linuxpoison.blogspot.com/2011/06/13578167755239.html

- Video Transcoder for Linux and Unix systems built using GStreamer - Transmageddon

Transmageddon supports almost any format as its input and can generate a very large host of output files. The goal of the application was to help people to create the files they need to be able to play on their mobile devices and for people not hugely experienced with multimedia to generate a multimedia file without having to resort to command line tools with ungainly syntaxes.

The currently supported codecs are:
 * Containers:
  - Ogg
  - Matroska
  - AVI
  - MPEG TS
  - flv
  - QuickTime
  - MPEG4
  - 3GPP
  - MXT
 * Audio encoders:
  - Vorbis
  - FLAC
  - MP3
  - AAC
  - AC3
  - Speex
  - Celt
 * Video encoders:
  - Theora
  - Dirac
  - H264
  - MPEG2
  - MPEG4/DivX5
  - xvid
  - DNxHD
Continue Reading...


source:http://linuxpoison.blogspot.com/2011/07/13578167755712.html

- Earth wallpapers for Ubuntu Linux - xplanetFX

xplanet (by Hari Nair) is a great piece of software capable of creating renderings inside our solar system. To raise the quality of it’s output adding some graphical effects, it was a great candidate to link with imagemagick.

The result is xplanetFX, a user-friendly piece of software to configure, run or daemonize xplanet with h/q capabilities to create wallpapers of mother earth on your desktop.

More realistic maps and backgrounds and a sophisticated graphics handling produce nearly photo realistic images of our mothership. It’s GTK GUI makes it really easy to use and provides a lot of settings and a user friendly access to xplanetFX. And even the templating capabilities give xplanetFX an individual and stylish touch.

The features of xplanetFX
 * Fluffy clouds with bumps and shadows floating above the earth
 * High quality earth map with bump, color corrections and subtle sea levels
 * Corona with realistic lighting
 * Atmospheric gleam towards the lit edge
 * Specular reflection of the sun on water, ice and clouds
 * Templates with online pool to download from
 * Post processing with contras and color correction and a subtle “washed out” effect
 * Seamless wallpaper change in GNOME, FLUXBOX, KDE < 4.3, XFCE and XFCE4, Fluxbox and feh wallpaper changer
 * Option to render to a specific file and invoke a command afterwards (change wallpaper of any other envrionment)
 * Startup delay to load desktop first
 * Creating single renderings for use in shell scripts
 * detailed logging
 * CLI Setup with customization depending on actual config (reconfigurable)
 * Small Toggle window for placing a starter in the panel
 * Daemon with nice value (less aggressive)
 * GTK user interface (english, russian, italian, french, spanish, japanese, dutch, czech, greek and german by now)
 * Different list views
 * Online theme pool
 * Extensive functionality in customization
 * Previews

Continue Reading...


source:http://linuxpoison.blogspot.com/2011/07/135781677516134.html

- Suite of educational games for children - Childsplay

Childsplay is a collection of educational activities for young children and runs on Windows, OSX, and Linux.
Childsplay can be used at home, kindergartens and pre-schools. Childsplay is a fun and save way to let young children use the computer and at the same time teach them a little math, letters of the alphabets, spelling, eye-hand coordination etc.

Childsplay is part of the schoolsplay.org project

Childsplay includes the following games:
 * Numbers - Put the correct operator between two numbers.
 * SoundNpic - A toy for young children with pictures and sounds.
 * Packid - A pac-man game, try to catch the letters.
 * Soundmemory - The classic memory game, with sounds.
 * Fallingletter - Type them before the reach the ground.
 * Findsound - Listen to a sound and find the image to which it belongs
 * Findsound2 - The same as findsound, now with numbers and letters.
 * Pong - The classic game, play alone or against another child.
 * Billiards - Try to shoot the balls into the hole.

Continue Reading...


source:http://linuxpoison.blogspot.com/2011/07/135781677510519.html

- Share folder between Windows (Host) and Ubuntu (Guest) under Virtual Box

VirtualBox is a powerful x86 and AMD64/Intel64 virtualization product for enterprise as well as home use. Not only is VirtualBox an extremely feature rich, high performance product for enterprise customers, it is also the only professional solution that is freely available as Open Source Software under the terms of the GNU General Public License (GPL) version 2.

Presently, VirtualBox runs on Windows, Linux, Macintosh, and Solaris hosts and supports a large number of guest operating systems including but not limited to Windows (NT 4.0, 2000, XP, Server 2003, Vista, Windows 7), DOS/Windows 3.x, Linux (2.4 and 2.6), Solaris and OpenSolaris, OS/2, and OpenBSD.

When you run two operating systems you may required to share files/folders between host and guests, virtual box comes with an option to share files and folders between host and guest, for this you need to install Virtual box guest additional software on your guest OS, you can do this by using virtual box menu (Devices → Install Guest additional), once this is done, do the following ....

Continue Reading...


source:http://linuxpoison.blogspot.com/2011/07/13578167751584.html

- Multimedia (MP3, MPEG-4, AVI, DiVX, etc.) support in Fedora 15

Why doesn’t Fedora support MP3 ‘out of the box’?

Fedora cannot include support for MP3 or DVD video playback or recording. MP3 formats are patented, and the patent holders have not provided the necessary licenses. Fedora also excludes other multimedia software due to patent, copyright, or license restrictions, such as Adobe Flash Player and RealNetworks RealPlayer.

That doesn’t mean you can’t play .mp3 files in Fedora, it just takes a bit of work (not much).

Follow these instructions to get mp3 and other multimedia support on your Fedora 15.
Open a terminal and run this command:

Continue Reading...


source:http://linuxpoison.blogspot.com/2011/07/135781677518992.html

- Installation and Configuration of Apache Traffic Server under Ubuntu

Global data networking has become part of everyday life: internet users request billions of documents and terabytes of data, on a daily basis, to and from all parts of the world. Information is free, abundant, and accessible. Unfortunately, global data networking can also be a nightmare for IT professionals as they struggle with overloaded servers and congested networks. It can be challenging to consistently and reliably accommodate society’s growing data demands.

Traffic Server is a high-performance web proxy cache that improves network efficiency and performance by caching frequently-accessed information at the edge of the network. This brings content physically closer to end users, while enabling faster delivery and reduced bandwidth use. Traffic Server is designed to improve content delivery for enterprises, Internet service providers (ISPs), backbone providers, and large intranets by maximizing existing and available bandwidth.

Continue Reading...


source:http://linuxpoison.blogspot.com/2011/07/13578167755892.html

- Free and Open Source Web Browser based Security Framework - Mantra

Mantra is a collection of free and open source tools integrated into a web browser, which can become handy for students, penetration testers, web application developers, security professionals etc. It is portable, ready-to-run, compact and follows the true spirit of free and open source software.

Mantra is a security framework which can be very helpful in performing all the five phases of attacks including reconnaissance, scanning and enumeration, gaining access, escalation of privileges, maintaining access, and covering tracks. Apart from that Mantra also contains a set of tools targeted for web developers and code debuggers which makes it handy for both offensive security and defensive security related tasks.

Mantra is lite, flexible, portable and user friendly with a nice graphical user interface. You can carry it in memory cards, flash drives, CD/DVDs, etc. It can be run natively on Linux, Windows and Mac platforms. It can also be installed on to your system within minutes.

Continue Reading...


source:http://linuxpoison.blogspot.com/2011/07/13578167757924.html

- Allow Normal user to Install Software without root privileges - ZeroInstall Injector

The ZeroInstall Injector makes it easy for users to install software without needing root privileges. It takes the URL of a program and runs it (downloading it first if necessary). Any dependencies of the program are fetched in the same way. The user controls which version of the program and its dependencies to use.

Zero Install is a decentralised installation system (there is no central repository; all packages are identified by URLs), loosely-coupled (if different programs require different versions of a library then both versions are installed in parallel, without conflicts), and has an emphasis on security (all package descriptions are GPG-signed, and contain cryptographic hashes of the contents of each version). Each version of each program is stored in its own sub-directory within the Zero Install cache (nothing is installed to directories outside of the cache, such as /usr/bin) and no code from the package is run during install or uninstall. The system can automatically check for updates when software is run.

Continue Reading...


source:http://linuxpoison.blogspot.com/2011/07/135781677519760.html

- GUI Tool to dump (clone/image) Files, Disks, Partitions - Gdiskdump

dd is a common Unix program whose primary purpose is the low-level copying and conversion of raw data. dd is an application that will "convert and copy a file" dd can also be used to copy regions of raw device files, e.g. backing up the boot sector of a hard disk, or to read fixed amounts of data from special files like /dev/zero or /dev/random.

The dd utility copies the specified input file to the specified output with possible conversions. The standard input and output are used by default. The input and output block sizes may be specified to take advantage of raw physical I/O. Sizes are specified in bytes; a number may end with k, b, or w to specify multiplication by 1024, 512, or 2, respectively

There is a command line involved in using dd command and if you are afraid of using command line or you are just a normal desktop user you can use the GUI version of the dd command know as - Gdiskdump

Continue Reading...


source:http://linuxpoison.blogspot.com/2011/07/13578167753955.html

- Energy Saving Software for Windows / Linux - Granola

There are any number of great ways to help save the world. Recycling, eating locally, replacing your light bulbs, walking everywhere - these are all powerful ways to lower your cost to the environment, but they all cost YOU something in return, whether time or money. Furthermore, it can be difficult to visualize the effects of your actions. Wouldn't it be nice if there was a way to measurably reduce your environmental impact without a lot of cost or work?

Granola gives you a way to do just that. With Granola intelligent software power management, you can reduce the energy consumption of your laptops, PCs, and servers by 15-35% without any impact on the way you use these devices. Whether you use Granola as part of your own personal quest to save the world, or as a way to help conserve in your business, you can know that you are part of a thriving community of individuals and businesses worldwide all saving energy.

Continue Reading...


source:http://linuxpoison.blogspot.com/2011/07/13578167758102.html

- How to Install Latest Kernel 3.0 on Ubuntu 11.04 (Natty)

It's been nearly twenty years since Linus Torvalds let loose Linux on an unsuspecting world, and on July 22 he finally updated the open source OS kernel to version 3.0.

Total Torvalds has integrated over 9,800 changes to Linux 3.0, the last of which 2200 were mainly corrections. As is usually two thirds of all new or updated driver changes.

Summary:
Besides a new version numbering scheme, Linux 3.0 also has several new features: Btrfs data scrubbing and automatic defragmentation, XEN Dom0 support, unprivileged ICMP_ECHO, wake on WLAN, Berkeley Packet Filter JIT filtering, a memcached-like system for the page cache, a sendmmsg() syscall that batches sendmsg() calls and setns(), a syscall that allows better handling of light virtualization systems such as containers. New hardware support has been added: for example, Microsoft Kinect, AMD Llano Fusion APUs, Intel iwlwifi 105 and 135, Intel C600 serial-attached-scsi controller, Ralink RT5370 USB, several Realtek RTL81xx devices or the Apple iSight webcam. Many other drivers and small improvements have been added.

Continue Reading...


source:http://linuxpoison.blogspot.com/2011/08/13578167755767.html

- Open Source Cross-platform Load Testing Tool – loadUI

loadUI is a free and open source cross-platform Load Testing solution. With a visual, drag-and-drop interface, it allows you to create, configure and redistribute your Load Tests interactively and in real-time. In a single test environment, loadUI provides complete test coverage and supports all the standard protocols and technologies. And it’s so powerful, it generates scalable, high-volume and real-world load from any number of local and remote computers.

loadUI Features:
 * Test Creation
 * Statistics Workbench
 * Distribution
 * Analysis and Reporting
 * Complete Testing
 * Automation
 * Technology Support   

Continue Reading...


source:http://linuxpoison.blogspot.com/2011/08/13578167753366.html

- Test the Security and Vulnerability of Web-Application - Vega

Vega is an open source platform to test the Security and Vulnerability of web applications. Vega can help you find and validate SQL Injections, Cross-Site Scripting (XSS), inadvertently disclosed sensitive information, and other vulnerabilities. It is written in Java, GUI based, and runs on Linux, OS X, and Windows.

Vega includes an automated scanner for quick tests and an intercepting proxy for tactical inspection. Vega can be extended using a powerful API in the language of the web: Javascript.

Modules used in Vega:
 * Cross Site Scripting (XSS)
 * SQL Injection
 * Directory Traversal
 * URL Injection
 * Error Detection
 * File Uploads
 * Sensitive Data Discover

Continue Reading...


source:http://linuxpoison.blogspot.com/2011/08/1357816775755.html

- UI Application for Encoding and Ripping DVDs in Linux - OGMRip

OGMRip rips and encodes DVD into very high quality AVI, OGM, MP4, or Matroska files. It supports a wide variety of video (XviD, Lavc, X264 and Ogg Theora) and audio (Ogg Vorbis, MP3, PCM, AC3, DTS and AAC) codecs and can extract SRT or VobSub subtitles. OGMRip tries as much as possible to automate most of the steps of the encoding: it computes the video bitrate for a given output file size, auto detects cropping and scaling parameters, ... It also allows to embed multiple audio and subtitle streams in a single file and to encode only a few chapters of a DVD title..

OGMRip Features
 * Transcodes from DVD or files
 * Outputs OGM, AVI, MP4, or Matroska files
 * Supports a lot of codecs (Vorbis, MP3, PCM, AC3, DTS, AAC, XviD, LAVC, X264, Theora)
 * Calculates video bitrate for a given file size
 * Autodetects cropping parameters and scaling factors
 * Supports multiple audio and subtitles streams encoding
 * Extracts subtitles in SRT or VobSub format
 * Uses maximum quality codecs switches
 * Rips contiguous chapters
 * Supports external audio (PCM, MP3, AC3, DTS, AAC, Vorbis) and subtitles (MicroDVD, SubRip, SRT, Sami, VPlayer, RT, SSA, PJS, MPSub, AQT, JacoSub, VobSub) files
 * Provides customisable encoding profiles

Continue Reading...


source:http://linuxpoison.blogspot.com/2011/08/135781677513885.html

- Upload Pictures and Videos to Facebook directly from Nautilus - Nfuploader

Nfuploader is script is a small program which allows you to upload photos and videos to your facebook account with ease, right from your desktop. Originally a nautilus script, nfuploader can now be installed even without nautilus. It is a complete application now. Nfuploader is written in python.

Nfuploader features:
 * Post photos to wall
 * Added ability to set photo descriptions.
 * Upload to any existing album
 * Create an album
 * Delay an upload
 * Upload a video to Facebook

Continue Reading...


source:http://linuxpoison.blogspot.com/2011/08/13578167756679.html

- Opensource Application to Track Your Stolen Phone or Laptop - Prey

Prey is a lightweight opensource program that will help you track and find your laptop or your android phone if it ever gets stolen.

Prey comprises a shell script which calls out on a regular basis to either a server run by prey project, or a url nominated by the system administrator sends data regarding the current location of your missing device. The latest version of the application has the capability to even take pictures using the device's inbuilt webcam and send it to you upon request.

Install Prey:
Open up the terminal and type following command to install prey under Ubuntu:
sudo apt-get install prey

Continue Reading...


source:http://linuxpoison.blogspot.com/2011/07/135781677515.html

- How to Profile Applications under Linux - perf

The purpose of application profiling is to check whether an application, which is being developed, works as it is supposed to and to assist the developers in improving the application.

Profiling Prerequisites:
Profiling an application involves the following steps:
 * Profiling applications on remote hosts requires the installation of the Agent Controller. Profiling local applications requires no additional install or setup.
 * Launching an application
 * Specifying profiling criteria
 * Using profiling views to analyze data
 * Save profiling data or resources if you expect to use them again 

Perf is a profiler tool for Linux 2.6+ based systems that abstracts away CPU hardware differences in Linux performance measurements and presents a simple command-line interface. Perf is based on the perf_events interface exported by recent versions of the Linux kernel.

Continue Reading...


source:http://linuxpoison.blogspot.com/2011/08/13578167755527.html

- Wallpaper Changer for Ubuntu Linux - Wally

Wally is a Qt4 wallpaper changer using multiple sources like ...
 * Files, Folders, FTP remote folders
 * Flickr, Yahoo!, Panoramio, Pikeo, Ipernity, Photobucket, Buzznet, Picasa, Smugmug, Bing, Google, Vladstudio, and deviantART images.

It is available in many languages. Supported Linux window managers are GNOME, KDE3, KDE4, XFCE4, BlackBox, FluxBox, Window Maker, and FVWM (experimental).

Wally Features
 * Runs on Win32, Linux and MacOSX platforms
 * History support
 * Many wallpaper layouts available on all platforms
 * EXIF data available over picture and in system tray tooltip
 * Save downloaded photos
 * Proxy support

Continue Reading...


source:http://linuxpoison.blogspot.com/2011/07/13578167759279.html

- Need Entry for Linux / Opensource Blogs

Hello LinuxPoison Readers,

Need your help ...

The all-time top post of linuxpoison is - List of best Linux blogs but there are lots of blogs in this list which are dead or non-functional, so I am thinking for building the new list of blogs dedicated to linux or/and open source ONLY.

I will put this list on the separate blog page for easy accessibility.

Please do send me your favouire blogs ONLY on Linux or Open source

Thanks,
Nikesh


source:http://linuxpoison.blogspot.com/2011/08/135781677518370.html

- Console based Last.fm player - Shell-fm

Last.fm is a UK-based Internet radio and music community website, founded in 2002. It claims over 30 million active users based in more than 200 countries.

Using a music recommender system called "Audioscrobbler", Last.fm builds a detailed profile of each user's musical taste by recording details of all the songs the user listens to, either on the streamed radio stations, the user's computer or some portable music devices. This information is transferred to Last.fm's database ("scrobbled") via a plug in installed into the user's music player. The profile data is then displayed on the user's profile page. The site offers numerous social networking features and can recommend and play artists similar to the user's favorites.

shell-fm is a lightweight, console-based player for Last.FM radio streams. It’s pretty small (the binary is currently about 70K, or about 60K when stripped) and it has most features the official player has, if not even a few more. Additional features are, for example:

Continue Reading...


source:http://linuxpoison.blogspot.com/2011/08/13578167759367.html

- List of best Linux blogs - V2

LinuxHelp Good site with great stuff, frequently updated.
HowToGeek Great How to site, not only for Linux but its Linux section is great!.
LinuxScrew good site which is coming real popular these days, with great articles.
Fsckin Frequently updated Linux site, great tutorials, and good posts about games for Linux.
Ubuntu Geek All about Ubuntu, from a real Geek
BashCuresCancer Site devoted to command Line, unfortunately not too frequently updated
http://www.linux-gamers.net/ For Linux games, how tos, forums, etc. about Video
Ars Technica Open Ended section: http://arstechnica.com/journals/linux.ars
DesktopLinux: http://www.desktoplinux.com/
Phoronix: http://www.phoronix.com/ (lots of good Linux stories)
http://www.ubuntux.org Ubuntux
http://www.markshuttleworth.com mark shuttleworth's blog
http://ubuntuliving.blogspot.com ubuntu living
http://planet.gnome.org planet gnome [same as planet kde]
http://planetkde.org planet kde [links to TONS of other blogs]
http://happypenguin.org happy penguin linux gaming
http://www.linux-watch.com linux watch
Continue Reading...


source:http://linuxpoison.blogspot.com/2011/08/13578167752361.html

- Multi-Tabbed PuTTY - MTPuTTY

PuTTY is the most popular SSH client for Windows. One, and probably the only one, of PuTTY drawbacks is that you need to start a new copy of PuTTY every time you open a new connection. So if you need e.g. 5 active connections you run 5 PuTTY instances and you have 5 PuTTY windows on the desktop.

MTPuTTY (Multi-Tabbed PuTTY) is a small *FREE* utility enabling you to wrap unlimited number of PuTTY applications in one tabbed GUI interface. You are still continue using your favorite SSH client, but you are no longer messing around with PuTTY windows - each window will be opened in a separate tab.

Continue Reading...


source:http://linuxpoison.blogspot.com/2011/08/135781677511527.html

- Getting Information about packages in Ubuntu Linux

Finding packages:
How do you find the package that's got the feature you're looking for? First, do
sudo apt-get update
so your package list is up-to-date, and then try something like
sudo apt-cache search tunnel
sudo apt-cache search 'php.*'
That is how you tell apt to search the packages using REGEX (regular expression, a pattern-matching 'language') -- if your pattern uses any keystrokes that mean something to your command shell (e.g. [|?*] ) you'll need to quote them so that apt-cache will be able to see them, instead of having the shell expand the term to a list of file names that mean something else entirely.

Continue Reading...


source:http://linuxpoison.blogspot.com/2011/08/135781677517347.html

- Automatic Software Installer for Ubuntu Linux - Bleeding Edge

Bleeding Edge Script for Ubuntu
* Bleeding Edge is a shell script designed for Ubuntu(32bit,64bit supported).
 * Installs repositories, keys, and software like media players, codecs, drivers, etc.
 * It can even clean up the system and save you some precious disk space.
 * Popular supported applications include Google Earth, Google Chrome, CLI Companion, Y PPA Manager, Ubuntu Tweak among others.

Install and Run Bleeding Edge in Ubuntu
 * Download Bleeding Edge Script from here
Continue Reading...


source:http://linuxpoison.blogspot.com/2011/09/135781677518418.html

- Configuring IP aliases under Ubuntu Linux

IP aliasing is the process of adding more than one IP address to a network interface. Typical uses of IP aliasing are virtual hosting of Web and FTP servers.  It is fairly simple to set up an IP alias. You merely have to configure the network interface on the system to listen for the additional IP address.

Below are the steps for configuring IP alias under Ubuntu Linux:
If you want to put IP alias on an interface, first find the interface, use command
ifconfig
Continue Reading...


source:http://linuxpoison.blogspot.com/2011/09/13578167758012.html

- Powerful Firewall Manager built on top of Iptables - Vuurmuur

Vuurmuur is a powerful firewall manager built on top of iptables that works with Linux kernels 2.4 and 2.6.  It has a simple and easy to learn configuration that allows both simple and complex configurations.

The configuration can be fully configured through an Ncurses GUI, which allows secure remote administration through SSH or on the console.

Vuurmuur has powerful monitoring features, which allow the administrator to look at the logs, connections and bandwidth usage in realtime. It makes use of IPTrafficVolume for keeping track of the traffic volume per interface.

The program is divided into three part. One element (the middle-end) converts humanly-readable rules, hosts, groups, networks, zones, interfaces and services into a iptables ruleset (or optional into a bash-script). The second element is a small daemon that converts the Netfilter logs to easy readable logs. The final element is an Ncurses-based user interface (the front-end) to manage the firewall.

Continue Reading...


source:http://linuxpoison.blogspot.com/2011/09/135781677519049.html

- Open Source Antispyware Tool - Nixory

Nixory is a free and open source antispyware tool written in Python/PyGTK aimed at removing malicious tracking cookies from your browser. It currently supports Mozilla Firefox, Internet Explorer and Google Chrome. It runs on all OS, including Windows, Linux and MacOSX.

A cookie, in the internet terminology, is a piece of text which your browser stores on your computer when requested by a website you are visiting. Cookies can be used in different useful ways: for authentication, for storing site preferences, for shopping cart contents, but can be also used by companies in less useful places. For example, they can use cookies to track your computer data and IP address for marketing purposes, putting your privacy at risk.

Nixory will protect your browser from this kind of malicious tracking cookies.

Nixory Features include:
 * Ice Eye heuristic system
 * Update stats for number of scans, removed objects and more
 * Customizable options
 * Remove Tool for found data miner
 * Enable to ignore selected data miner groups
 * Enable to write a Scan Log with accurate details
 * Multi-Language support (English, Italian, Dutch, Spanish, Spanish(AR), Catalan)
 * Multi-profiles of Firefox support
 * Flexible management of memory

Continue Reading...


source:http://linuxpoison.blogspot.com/2011/09/135781677518941.html

- How to Prevent Package from Getting Upgraded - Ubuntu Linux

Synaptic is a graphical package management program for Debian based Linux distributions. It provides the same features as the apt-get command line utility with a GUI front-end based on Gtk+. The Synaptic package manager enables the user to install, to upgrade or to remove software packages. To install a package a user must search for the package they want and mark it for installation. Changes are not applied instantly; the user must first mark all changes and then apply them.

There are times where you don not want a particular package from getting upgraded, follow the steps below to prevent any package in your Ubuntu system  from getting upgraded using Synaptic package manager with few clicks.

Continue Reading...


source:http://linuxpoison.blogspot.com/2011/09/13578167758811.html

- Anonymous web surfing using TOR - Ubuntu Linux

Tor protects you by bouncing your communications around a distributed network of relays run by volunteers all around the world: it prevents somebody watching your Internet connection from learning what sites you visit, and it prevents the sites you visit from learning your physical location. Tor works with many of your existing applications, including web browsers, instant messaging clients, remote login, and other applications based on the TCP protocol.

Installing Tor under Ubuntu:
Add the following repositories to your /etc/apt/sources.list file
deb http://deb.torproject.org/torproject.org natty main
Continue Reading...


source:http://linuxpoison.blogspot.com/2011/09/13578167754587.html

- GUI Toolkit for Database Developers and Administrator - TOra

TOra is an open-source multi-platform database management GUI that supports accessing most of the common database platforms in use, including Oracle, MySQL, and Postgres, as well as limited support for any target that can be accessed through Qt's ODBC support. TOra has been built for various Linux distributions, Mac OS X, MS Windows, and UNIX platforms.

In addition to regular query and data browsing functionality, it includes several additional tools useful for database administrators and developers – which aims to help the DBA or developer of database application. Features PL/SQL debugger, SQL worksheet with syntax highlighting, DB browser and a comprehensive set of DBA tools.

Continue Reading...


source:http://linuxpoison.blogspot.com/2011/09/13578167757470.html

- Limiting Linux System Users - limits.conf

Almost all Linux distributions ship with PAM support making it universally available. PAM limits provide a single standardized interface to setting user limits, instead of having to write complex shell configuration files (such as /etc/profile) you simply edit the "limits.conf" file. As well applying limits selectively through the command shell is very difficult, whereas with PAM applying limits globally, on groups or on individual users is quite simple. To enable PAM limits you need to add a line such as:
session        required    /lib/security/pam_limits.so
to the appropriate Pam configuration file (/etc/pam.d/sshd). You can then define limits, typically these are in "/etc/security/limits.conf" or a similar location. Because most of these limits are enforced by the shell the system cannot log all violations of limits (you will be notified in syslog when a user exceeds the number of times they are allowed to login, however you will not receive a warning if the user tries to use more disk space then they are allowed to).
Continue Reading...


source:http://linuxpoison.blogspot.com/2011/09/13578167751278.html

- Securing Service using TCP_WRAPPERS

Using TCP_WRAPPERS makes securing your servers against outside intrusion is a lot simpler and painless. TCP_WRAPPERS is controlled from two files:
/etc/hosts.allow
/etc/hosts.deny
hosts.allow is checked first, and the rules are checked from first to last. If it finds a rule that explicitly allows you in (i.e., a rule allowing your host, domain, subnet mask, etc.) it lets you connect to the service. If it fails to find any rules that pertain to you in hosts.allow, it then goes to check hosts.deny for a rule denying you entry.
Continue Reading...


source:http://linuxpoison.blogspot.com/2011/09/13578167754165.html

- Create and Manage Encrypted Folder (EncFS) in Ubuntu with Cryptkeeper

EncFS creates a virtual encrypted filesystem which stores encrypted data in the rootdir directory and makes the unencrypted data visible at the mountPoint directory. The user must supply a password which is used to (indirectly) encrypt both filenames and file contents.

If EncFS is unable to find a supported filesystem at the specified rootdir, then the user will be asked if they wish to create a new encrypted filesystem at the specified location. Options will be presented to the user allowing some control over the algorithms to use. As EncFS matures, there may be an increasing number of choices.

EncFS offers several advantages over other disk encryption software simply because each file is stored individually as an encrypted file somewhere else in the host's directory tree.

Continue Reading...


source:http://linuxpoison.blogspot.com/2011/07/135781677512216.html

- Hack Into Wi-Fi (WEP and WPA Encrypted) Networks - Wifite

Author is NOT responsible for any damage or illegal actions caused by the use of this program. 
Use on your own risk!

Wifite is made to attack multiple WEP and WPA encrypted networks at the same time. this tool is customizable to be automated with only a few arguments. wifite can be trusted to run without supervision. 
 

Wifite features:
 * Sorts targets by power (in dB); cracks closest access points first
 * Automatically deauths clients of hidden networks to decloak SSIDs
 * Numerous filters to specify exactly what to attack (wep/wpa/both, above certain signal strengths, channels, etc)
 * Customizable settings (timeouts, packets/sec, channel, change mac address, ignore fake-auth, etc)
 * "anonymous" feature; changes MAC to a random address before attacking, then changes back when attacks are complete
 * all WPA handshakes are backed up to wifite.py's current directory
 * Smart WPA deauthentication -- cycles between all clients and broadcast deauths
 * Stop any attack with Ctrl+C -- options: continue, move onto next target, skip to cracking, or exit
 * Switching WEP attack methods does not reset IVs
 * Intel 4965 chipset fake-authentication support; uses wpa_supplicant workaround
 * SKA support (untested)
 * Displays session summary at exit; shows any cracked keys
 * All passwords saved to log.txt
 * built-in updater: ./wifite.py -upgrade 


Continue Reading...


source:http://linuxpoison.blogspot.com/2011/09/13578167752413.html

- Tool to Audit Web Application Security - Lilith

LiLith is a tool written in Perl to audit web applications. This tool analyses webpages and looks for html <form> tags , which often refer to dynamic pages that might be subject to SQL injection or other flaws.

How the entire "scanning" process works is different from so called "CGI scanners", such as nikto and n-stealth.  This program will surf to a website and crawls through all the links, just as a user would to.  On any possible input field, such as text boxes, page id's, ... LiLith will attempt to inject any  characters  that might have a special meaning for any underlying technology, such as SQL. 

Any Web applications scanner can never perform a full 100% correct audit. Therefore, a manual re-check is necessary. Hence, be aware that Lilith might come up with several false positives.

Continue Reading...


source:http://linuxpoison.blogspot.com/2011/09/135781677512481.html

- Setting up SSH keys for Secure Password-less SSH Login

OpenSSH is a FREE version of the SSH connectivity tools that technical users of the Internet rely on. Users of telnet, rlogin, and ftp may not realize that their password is transmitted across the Internet unencrypted, but it is. OpenSSH encrypts all traffic (including passwords) to effectively eliminate eavesdropping, connection hijacking, and other attacks. Additionally, OpenSSH provides secure tunneling capabilities and several authentication methods, and supports all SSH protocol versions.

The OpenSSH suite replaces rlogin and telnet with the ssh program, rcp with scp, and ftp with sftp. Also included is sshd (the server side of the package), and the other utilities like ssh-add, ssh-agent, ssh-keysign, ssh-keyscan, ssh-keygen and sftp-server.

If you manage more than one or two hosts, you likely have to type the same password too often. This can get quite annoying. SSH allows you to setup a public and private keypair. Using these keys, you can connect to any host which has the public key, from any host which has the private key.

Continue Reading...


source:http://linuxpoison.blogspot.com/2011/10/135781677514025.html