- Improve Flash performance under Linux

Did you know that the Adobe Flash Player honors a few configuration files on the user’s local file system? There are 2 such files:

mm.cfg : user-local configuration file; lives in user’s home directory on Unix/Linux systems and is largely only useful when using content debugger versions of the Player

mms.cfg : system-wide configuration file, designed to allow administrators to set policy for all users on a system; lives in /etc/adobe on Unix/Linux systems.

There is a lengthy guide available that describes all of the various administration features and what the mms.cfg can do for you.

Continue Reading...


source:http://linuxpoison.blogspot.com/2010/11/135781677510417.html

- Configure Apache HTTP server with mod-pagespeed for high performance

mod_pagespeed is an open-source Apache module that automatically optimises web pages and resources on them. It does this by rewriting the resources using filters that implement web performance best practices. Web masters and web developers can use mod_pagespeed to improve the performance of their web pages when serving content with the Apache HTTP Server.

mod_pagespeed includes several filter that optimise JavaScript, HTML and CSS stylesheets. It also includes filters for optimizing JPEG and PNG images. The filters are based on a set of best practices known to enhance web page performance. Webmasters who set up mod_pagespeed in addition to configuring proper caching and compression on their Apache distribution should expect to see an improvement in the loading time of the pages on their websites.

Continue Reading...


source:http://linuxpoison.blogspot.com/2010/11/135781677519290.html

- A Powerful HTTP / HTTPS / FTP / FTPS Load and Performance testing open-source tool - curl-loader

curl-loader is an open-source tool written in C-language, simulating application load and application behavior of thousands and tens of thousand HTTP / HTTPS and FTP / FTPS clients, each with its own source IP-address. In contrast to other tools curl-loader is using real C-written client protocol stacks, namely, HTTP and FTP stacks of libcurl and TLS/SSL of openssl, and simulates user behavior with support for login and authentication flavors.

The goal of curl-loader is to deliver a powerful and flexible open-source testing solution

curl-loader is useful for performance loading of various application services, for testing web and ftp servers and traffic generation. Activities of each curl-loader virtual client are logged and collected statistics includes information about resolving, connection establishment, sending of requests, receiving responses, headers and data received/sent, errors from network, TLS/SSL and application (HTTP, FTP) level events and errors.

Continue Reading...


source:http://linuxpoison.blogspot.com/2010/11/13578167758905.html

- System-wide Performance Profiler for Linux - Sysprof

Sysprof is a sampling CPU profiler that uses a Linux kernel module to profile the entire system, not just a single application. Sysprof handles shared libraries and applications do not need to be recompiled. In fact they don't even have to be restarted.

Sysprof has the following features:
  * profiles all running processes, not just a single application
  * Has a simple graphical interface
  * Shows the time spent in each branch of the call tree
  * Profiles can be loaded and saved

Continue Reading...


source:http://linuxpoison.blogspot.com/2010/11/135781677513807.html

- Debian Package Viewer for files and contents - deb-gview

deb-gview Displays Debian control information, devscript details and details of the files that would be installed (names, sizes and locations). Files within the package can be viewed within the package or externally.

deb-gview has been extended via GnomeVFS to view the contents of any .deb in the archive without having to install the package and without having to separately download the .deb itself. Either copy the link address and load the .deb on the command line or configure your browser to use deb-gview as a helper for .deb files (right click a .deb and select open with... or similar). Then just double click on any text file within the .deb to view it. Also works with manpages and images inside the .deb, other filetypes can be supported via a config file. Supports viewing a .deb for any architecture, not just your own (useful to see if the autobuilders have really done what you expected with generated files).

Continue Reading...


source:http://linuxpoison.blogspot.com/2010/12/135781677511987.html

- How to install packages "on demand" in Ubuntu - auto-apt

You're compiling a program and, all of a sudden, boom! There's an error because it needs a .h file and you don't have. The program auto-apt can save you from such scenarios. It asks you to install packages if they're needed, stopping the relevant process and continuing once the package is installed.

auto-apt checks the file access of programs running within its environments, and if a program tries to access a file known to belong in an uninstalled package, auto-apt will install that package using apt-get.  This feature requires apt and sudo to work.

It also provides simple database to search which package contains a requested file.

Continue Reading...


source:http://linuxpoison.blogspot.com/2010/12/13578167759765.html

- Linux Kernel Compilation made easy for Ubuntu users - KernelCheck

KernelCheck is a graphical user interface program designed to make the kernel-compiling process as easy as the click of a button. A kernel is the base of any operating system – in our case, the Linux operating system. KernelCheck will fetch the latest information from http://www.kernel.org, which hosts the source packages for the Linux kernel, and ask the user which one they would like to compile into a .deb package (with the option of installing the kernel after the compilation). This automated process is a fork of AutoKernel by Robert Wolterman (xtacocorex), Timothy Janssen (mentok), and Kristof Verbeken (PingunZ). KernelCheck is currently licensed under the GNU Public License version 3.

Continue Reading...


source:http://linuxpoison.blogspot.com/2010/12/13578167753077.html

- Tool for load testing of web applications - OpenLoad

OpenLoad is a tool for load testing web applications. It aims to be easy to use and providing near real-time performance measurements of the application under test. This is particularly useful when you are doing optimisation as you can see the impact of your changes almost immediately.

Continue Reading...


source:http://linuxpoison.blogspot.com/2010/12/135781677512345.html

- Cross platform file encryption utility using blowfish - Bcrypt

Bcrypt is a cross platform file encryption utility. Encrypted files are portable across all supported operating systems and processors. Pass-phrases must be between 8 and 56 characters and are hashed internally to a 448 bit key.

In addition to encrypting your data, bcrypt will by default overwrite the original input file with random garbage three times before deleting it in order to thwart data recovery attempts by persons who may gain access to your computer.

Bcrypt uses the blowfish encryption algorithm published by Bruce Schneier in 1993. More information on the algorithm can be found at Counterpane. Specifically, bcrypt uses Paul Kocher's implementation of the algorithm.

Continue Reading...


source:http://linuxpoison.blogspot.com/2010/12/135781677512771.html

- Website links, Errors and Structure Checker - Webcheck

Webcheck is a website checking tool for web masters. It crawls a given website and generates a number of reports in the form of html pages. It is easy to use and generates simple, clear and readable reports.

Features of webcheck include:
 * support for http, https, ftp and file schemes
 * view the structure of a site
 * track down broken links
 * find potentially outdated and new pages
 * list links pointing to external sites
 * can run without user intervention
Continue Reading...


source:http://linuxpoison.blogspot.com/2010/12/135781677515793.html

- Password Cracker for zip Archives - fcrackzip

The ZIP file format is a popular and convenient tool for combing multiple files into a single compressed archive suitable for sharing with others or simply archiving old files for safekeeping. ZIP files can be encrypted with a password for privacy and security, but it means that the files inside the archive are inaccessible if the password is ever lost or forgotten. Fortunately, there are ways to recover the password and FCrackZip is a free open source password recovery tool for Linux that is fast and capable of performing both dictionary and brute-force attacks against password-protected ZIP files.

Continue Reading...


source:http://linuxpoison.blogspot.com/2010/12/135781677515531.html

- Monitor Network traffic or speed / progress of a file transfer in Linux - speedometer

Speedometer Monitor network traffic or speed/progress of a file transfer. The program can be used for cases like:

  * how long it will take for 100 mb transfer to finish
  * how quickly is another transfer going
  * how fast is the upstream on this ADSL line
  * how fast is data written to a file system.

Speedometer measures network traffic and the speed or progress of a certain file transfer. Let's say you want to see how fast someone can download a file from your server and how the download is going in real time. Enter speedometer filename, and the program will draw a progress bar that shows the speed of the transfer.

Continue Reading...


source:http://linuxpoison.blogspot.com/2010/12/135781677516741.html

- UI Application for converting Video and Audio using ffmpeg - WinFF

FFmpeg is a complete, cross-platform solution to record, convert and stream audio and video. ffmpeg includes libavcodec - the leading audio/video codec library.

FFmpeg is a wonderful library for creating video applications or even general purpose utilities. ffmpeg takes care of all the hard work of video processing by doing all the decoding, encoding, muxing and demuxing for you. This can make media applications much simpler to write. It's simple, written in C, fast, and can decode almost any codec you'll find in use today, as well as encode several other formats.

Continue Reading...


source:http://linuxpoison.blogspot.com/2010/12/13578167751625.html

- How to Change MySQL Storage Engines

MySQL 5.0 and higher offers nine storage engines and more are likely to be added in the future. The most commonly used are MyISAM, InnoDB, and Berkeley DB (BDB). Each storage engine offers special features and advantages. You can even use different formats for each table in your database, though it may be harder to manage a mixed format database. Better is to keep all tables in a database using the same storage engine, but use different engines for different databases.

To determine which storage engines your server supports, run following SHOW ENGINES; statement. The value in the Support column indicates whether an engine can be used. A value of YES, NO, or DEFAULT indicates that an engine is available, not available, or available and currently set as the default storage engine.

Continue Reading...


source:http://linuxpoison.blogspot.com/2010/12/135781677512266.html

- Web based Internet Bandwidth and Data Transfer Monitor - BitMeter OS

BitMeter OS is a free, open-source, bandwidth monitor that works on Windows, Linux and Mac OSX. BitMeter OS keeps track of how much you use your Internet/network connection, and allows you to view this information in a variety of ways

Once BitMeter OS is installed on your computer you can monitor your connection usage either via a web browser, or by using the command line tools. The Web Interface displays various graphs and charts that show how your Internet / network connection has been used over time:

Continue Reading...


source:http://linuxpoison.blogspot.com/2010/12/135781677518023.html

- UI Application to hide Messages into Picture or Sounds files (Steganography) - SilentEye

SilentEye is a cross-platform application design for an easy use of steganography, in this case hiding messages into pictures or sounds. It provides a pretty nice interface and an easy integration of new steganography algorithm and cryptography process by using a plug-ins system.

SilentEye plug-in:
Cryptography plug-ins:
  * Allow application to encrypt data before hiding them, for example using AES 128.

Format Plug-in:
  * Image format plug-ins: By default a BMP plug-in is provided, which allow you to save encoded images into .bmp files. (JPEG plug-in is on its way...)
  * Audio format plug-ins: WAVE plug-in provided for .wav files

Continue Reading...


source:http://linuxpoison.blogspot.com/2010/12/13578167758991.html

- Automatic Web Browser Proxy Configuration using PAC file

The Web Proxy Auto-Discovery Protocol (WPAD) is a method used by clients to locate a URL of a configuration file using DHCP and/or DNS discovery methods. Once detection and download of the configuration file is complete it can be executed to determine the proxy for a specified URL. The WPAD protocol only outlines the mechanism for discovering the location of this file, but the most commonly deployed configuration file format is the Proxy auto-config (PAC) format originally designed by Netscape.

A PAC file is a specialized JavaScript function definition that a browser calls to determine how requests are handled. Clients must specify (in their browser settings) the URL from which the PAC file is loaded. You can store a PAC file on web Server (or on any server in your network) and then provide the URL for this file to your clients.

Continue Reading...


source:http://linuxpoison.blogspot.com/2010/12/135781677510388.html

- Search Files / Application on Ubuntu using - Synapse

If you ever used Gnome Do / Quicksilver / Gnome Launch Box, you'll feel right at home with Synapse, if not, the only thing you need to do is run Synapse (or press Ctrl+Space to summon it), type what you're looking for, and Synapse will present you a list of items that match your query. Once you found the item you were looking for, you can perform an action on it (and these are defined by the plugins you're using). If you don't like the default action, just press Tab and search appropriate action.

Continue Reading...


source:http://linuxpoison.blogspot.com/2010/12/135781677511096.html

- Basic MySQL performance tuning using Query Cache

The query cache stores the text of a SELECT statement together with the corresponding result that was sent to the client. If an identical statement is received later, the server retrieves the results from the query cache rather than parsing and executing the statement again. The query cache is shared among sessions, so a result set generated by one client can be sent in response to the same query issued by another client.

The query cache can be useful in an environment where you have tables that do not change very often and for which the server receives many identical queries. This is a typical situation for many Web servers that generate many dynamic pages based on database content.

Continue Reading...


source:http://linuxpoison.blogspot.com/2010/12/13578167755047.html

- Configure Squid Proxy with ClamAV Antivirus using HAVP (HTTP Anti Virus Proxy)

HAVP (HTTP Anti Virus Proxy) is a non caching proxy which scans for viruses with ClamAV anti-virus scanner at the same time. The main aims are continuous, non-blocking downloads and smooth scanning of dynamic and password protected HTTP traffic. It can be used with squid or standalone, and it also supports transparent proxy mode.

Continue Reading...


source:http://linuxpoison.blogspot.com/2010/12/13578167758348.html

- How to Disable Direct Root Login to SSH on Ubuntu

One security tweak you need to consider is with Open-SSH server. By default, direct log on for root is enabled, which means your just asking for trouble with hackers attempting to break into your Computer. Instead, you can easily disable root access from logging into your SSH server,

Continue Reading...


source:http://linuxpoison.blogspot.com/2010/12/135781677519888.html

- Extract individual file(s) from rpm package using rpm2cpio

As the name implies, rpm2cpio takes an RPM package file and converts it to a cpio archive. Because it's written to be used primarily as a filter, there's not much to be specified. rpm2cpio takes only only one argument.

The optional argument is the name of the package file to be converted. If there is no file-name specified on the command line, rpm2cpio will simply read from standard input and convert that to a cpio archive.

Continue Reading...


source:http://linuxpoison.blogspot.com/2010/12/135781677515205.html

- UI Application to Convert Real Media formats (rm, ra, ram) to mp3 / wav formats - Rmconverter

Real Media Converter (Rmconverter) is a multi threaded GUI that takes advantage from the mencoder and lame packages to generate wav and mp3 formats from real media files (ra, rm, and ram) and wav files.

Rmconverter Features:
  * Converts Real Media formats (rm, ra, ram) to mp3/wav formats.
  * A simple Media player.
  * A user friendly interface.
  * Enhanced options panel, and the possibility of saving your configuration.
  * Translations.
  * Built in themes.

Continue Reading...


source:http://linuxpoison.blogspot.com/2010/12/13578167755938.html

- Top like Utility to monitor Network Connections usage - pktstat

pktstat displays a real-time list of active connections seen on a network interface, and how much bandwidth is being used by what.

It partially decodes HTTP and FTP protocols to show what filename is being transferred, as well as X11 application names. Entries hang around on the screen for a few seconds so you can see what just happened, in short a very useful tool to figure out network connection in real time.

Continue Reading...


source:http://linuxpoison.blogspot.com/2010/12/135781677519230.html

- Remote Control your Ubuntu Linux using Android - Gmote

Gmote turns your Android phone into a remote control for your computer, allowing you to start and control movies and music at a distance. It supports all of the standard remote control features such as play, pause, rewind, volume controls etc.  It also has a built-in file browser that lets you view the files that are on your computer and select what you want to play. It's great if you want to sit back while watching a DVD, or control the flow of songs in your favorite playlist. 

Gmote can also be used as a wireless Touchpad and keyboard, allowing you to control your computer at distance. Another great feature available in Gmote is the ability to stream music from your computer to your phone!

Continue Reading...


source:http://linuxpoison.blogspot.com/2010/12/135781677519265.html

- A Complete Guide to Securing a Website - White Paper

To secure a website or a web application, one has to first understand the target application, how it works and the scope behind it.  Ideally, the penetration tester should have some basic knowledge of programming and scripting languages, and also web security.

A website security audit usually consists of two steps.  Most of the time, the first step usually is to launch an automated scan.  Afterwards, depending on the results and the website’s complexity, a manual penetration test follows.  To properly complete both the automated and manual audits, a number of tools are available, to simplify the process and make it efficient from the business point of view.  Automated tools help the user making sure the whole website is properly crawled, and that no input or parameter is left unchecked.  Automated web vulnerability scanners also help in finding a high percentage of the technical vulnerabilities, and give you a very good overview of the website’s structure, and security status.  Thanks to automated scanners, you can have a better overview and understanding of the target website, which eases the manual penetration process.

Continue Reading...


source:http://linuxpoison.blogspot.com/2010/12/135781677519201.html

- Split Single MP3 file OR Join multiple MP3 into one MP3 file - Mp3Splt & Mp3Wrap

Mp3Wrap is a free independent alternative to AlbumWrap. It's a command-line utility that wraps quickly two or more mp3 files in one single large playable mp3, without losing filenames and ID3 informations (and without need of decoding/encoding) It's useful to make large files easy to download on internet and then easy to split again in few seconds. You can split original files using mp3splt: http://mp3splt.sourceforge.net

Continue Reading...


source:http://linuxpoison.blogspot.com/2010/12/135781677517260.html

- UI application to access Google Picasa from Ubuntu - Picapy

Picapy is an easy to use UI application to manage Picasa album directly from your desktop. using Picapy you can easily perform the following operations ...

  * Bulk upload of image files
  * Delete individual Image
  * Create or delete albums
  * Download images
  * Get the direct URL to the image

Continue Reading...


source:http://linuxpoison.blogspot.com/2010/12/135781677518822.html

- Easy steps to tune-up your Ubuntu / Kubuntu Linux System

Below are few very simple and easy steps to fast tune your Ubuntu / Kubuntu Linux system.

Disable IPv6:
IPV6 got many new exciting features but if you are not on an IPV6 network, I don't think there is any benefit to having this protocol enabled.
Check here - How to disable ipv6 in Ubuntu Linux

Continue Reading...


source:http://linuxpoison.blogspot.com/2011/01/135781677515502.html

- Access Wikipedia Content Offline - Kiwix

Kiwix is an offline reader for Web content. It's especially thought to make Wikipedia available offline. This is done by reading the content of the project stored in a file format ZIM, The ZIM file format, an open, standardized file format to store Wiki content efficiently for offline usage

Continue Reading...


source:http://linuxpoison.blogspot.com/2010/12/135781677519854.html

- How to Disable SELinux in Fedora 14

SELinux is a security enhancement to Linux that allows users and administrators more control over which users and applications can access which resources, such as files. Standard Linux access controls, such as file modes (-rwxr-xr-x) are modifiable by the user and applications that the user runs whereas SELinux access controls are determined by a policy loaded on the system and not changeable by careless users or misbehaving applications.

SELinux also adds finer granularity to access controls. Instead of only being able to specify who can read, write or execute a file, for example, SELinux lets you specify who can unlink, append only, move a file and so on. SELinux allows you to specify access to many resources other than files as well, such as network resources and interprocess communication (IPC).

Continue Reading...


source:http://linuxpoison.blogspot.com/2011/01/13578167758063.html

- Utility to Optimize / Compress JPEG files under Ubuntu Linux - jpegoptim

Jpegoptim can optimize / compress jpeg files. Jpegoptim support lossless optimization, which is based on optimizing the Huffman tables. So called, "lossy" optimization (compression) is done by re-encoding the image using user specified image quality factor.

Jpegoptim Installation:
Open up the terminal and type following command to install Jpegoptim:
sudo apt-get install jpegoptim

Continue Reading...


source:http://linuxpoison.blogspot.com/2011/01/135781677511822.html

- Advance Music Player and Organizer - Clementine

Clementine is a multiplatform music player. It is inspired by Amarok, focusing on a fast and easy-to-use interface for searching, organizing and playing your music.

Continue Reading...


source:http://linuxpoison.blogspot.com/2011/01/13578167752278.html

- How to Reset Windows (NT / 2k / XP / Vista / Win7) password using Ubuntu - chntpw

chntpw is a Linux utility to (re)set the password of any user that has a valid (local) account on your Windows NT / 2k / XP / Vista / Win7, by modifying the crypted password in the registry's SAM file. You do not need to know the old password to set a new one. It works offline i.e., you have to shutdown your computer and boot off a linux floppy disk or on the dual boot system.

In addition it also contains a simple registry editor (same size data writes) and an hex-editor which enables you to fiddle around with bits and bytes in the file as you wish.

Continue Reading...


source:http://linuxpoison.blogspot.com/2011/01/13578167757233.html

- Parental Control System on Ubuntu Linux - Nanny


Nanny is an easy way to control what your kids are doing in the computer. You can limit how much time a day each one of them is browsing the web, chatting or doing email. You can also decide at which times of the day they can surf the net, email or chatting.

Nanny can also filters what web content for each specified users, so you can block all undesirable webs for your kids with ease of mind, no more worries!

Continue Reading...


source:http://linuxpoison.blogspot.com/2011/01/13578167753065.html

- Automatic SQL injection tool - sqlmap

Whatever you do with this tool is uniquely your responsibility. If you are not authorized to punch holes in the network you are attacking be aware that such action might get you in trouble with a lot of law enforcement agencies.

sqlmap goal is to detect and take advantage of SQL injection vulnerabilities in web applications. Once it detects one or more SQL injections on the target host, the user can choose among a variety of options to perform an extensive back-end database management system fingerprint, retrieve DBMS session user and database, enumerate users, password hashes, privileges, databases, dump entire or user's specific DBMS tables/columns, run his own SQL statement, read specific files on the file system and more.

Continue Reading...


source:http://linuxpoison.blogspot.com/2011/01/13578167757265.html

- UI Application to find and remove orphaned libraries under Ubuntu - GtkOrphan

GtkOrphan (a Perl/Gtk2 application for debian systems) is a graphical tool which analyzes the status of your installations, looking for orphaned libraries. It implements a GUI front-end for deborphan, adding the package-removal capability.

This software is designed for Debian based distributions. It must be run with root privileges.

GtkOrphan Features include:
  * Simple, intuitive utility
  * On-the-fly changes
  * Shows packages in hibernation status
  * Internationalization support

Continue Reading...


source:http://linuxpoison.blogspot.com/2011/01/13578167757519.html

- Speed up web site using HTTP accelerator - Varnish

Varnish is a state-of-the-art, high-performance web accelerator. It uses the advanced features in Linux 2.6, FreeBSD 6/7 and Solaris 10 to achieve its high performance.

Some of the Varnish features include:
  * A modern design
  * VCL - a very flexible configuration language
  * Load balancing with health checking of backends
  * Partial support for ESI
  * URL rewriting
  * Graceful handling of “dead” back-ends

Continue Reading...


source:http://linuxpoison.blogspot.com/2011/01/135781677517163.html

- Kills all of the user's processes - Slay

Slay is a simple yet very handy shell script that kills all of the processes belonging to a specific user and displays an (optional) "Your current session has been terminated." to the user being booted.

slay finds and kills all the user's processes at once, saving you the trouble of hunting them down and killing them yourself. slay has four modes: nice, normal, mean, and butthead. Mean mode kills any nonprivileged user who attempts to slay another user. Set your desired mode in slay shell script.

Continue Reading...


source:http://linuxpoison.blogspot.com/2011/01/1357816775490.html

- Linux Distribution Specially for Children – DoudouLinux

DoudouLinux is a computer environment designed for children that is as simple to use as a gaming console. It is freely downloadable and contains about 50 applications that were selected on the basis of being easily accessible for children and/or dedicated specifically to children. Not to mention most were also selected because they are very fun and addictive! The selection includes educational and fun games, art-oriented applications (drawing, music), and work-oriented programs (dictionary, calculator, communication). Reading is not required for use and DoudouLinux is so simple that children as young as 2 years old can use it and quickly become autonomous. In addition, because most games teach along with entertaining, children actually learn many skills along the way.

Continue Reading...


source:http://linuxpoison.blogspot.com/2011/01/1357816775675.html

- Dynamic Managing the swap file creation & deletion - Swapd

Swap or virtual memory is a technique used to write some memory content, not used at the moment, to the hard disk to make room for a process which needs more memory now. swap is said to be 1000 times slower than having "real", physical memory.

By using swap space, programs can be started even when the memory is used to its maximum without having to shut down processes first. This also make a good buffer for when peaks of memory usage occur. Linux can add swap space in two ways, either as a swap file within the file system or as a separate partition.

Continue Reading...


source:http://linuxpoison.blogspot.com/2011/01/13578167755134.html

- Linux Small Business Server (SMBs) - Zentyal

About 99% of companies in the world are small and medium businesses (SMBs) and generate more than half of the global GPD. But in times of crisis, this is the most vulnerable segment of the economy and therefore, the one that most urgently needs to reduce costs and increase productivity.

One of the best ways to reduce costs and to increase productivity in the SMBs is by introducing information and communication technologies (ICT). And the statistics of recent years, that show over 50% annual growth in the adoption of ICT solutions depending on the segment, support this fact.

Continue Reading...


source:http://linuxpoison.blogspot.com/2011/01/135781677519484.html

- Real-time user logins monitoring tool - whowatch

Whowatch is an interactive ncurses who-like utility that displays information about the users currently logged on to the machine, in real-time. Besides standard informations (login name, tty, host, user's process), the type of the connection (ie. telnet or ssh) is shown. Display of users command line can be switch to tty idle time. Certain user can be selected and his processes tree may be viewed as well as tree of all system processes. Tree may be displayed with additional column that shows owner of each process. In the process tree mode SIGINT and SIGKILL signals can be sent to the selected process. Killing processes is just as simple and fun as deleting lines on the screen.

Whowatch has no command line options or configuration file.

Continue Reading...


source:http://linuxpoison.blogspot.com/2011/01/13578167753363.html

- Text Watermarking and Watermark Recovery - Snowdrop

The traditional watermarking relies on embedding some information in a binary file (such a proprietary format document - Adobe PDF, MS Word or multimedia files) to identify the origin of a particular copy. Watermarking can be combined with steganography to hide this data from a casual viewer.

Snowdrop is intended to bring (relatively) invisible and modification-proof watermarking to a new realm of "source material" - written word and computer source codes. The information is not being embedded in the least significant portions of some binary output, as it would be with a traditional low-level steganography, but into the source itself.

Continue Reading...


source:http://linuxpoison.blogspot.com/2011/01/13578167752777.html

- How to test DNS server for host Resolution

The Domain Name System (DNS) is a standard technology for managing the names of Web sites and other Internet domains. DNS is an Internet service that translates domain names into IP addresses. Because domain names (example - google.com) are alphabetic, they're easier to remember. The Internet however, is really based on IP addresses. Every time you use a domain name, therefore, a DNS service must translate the name into the corresponding IP address. For example, the domain name www.google.com.com might translate to 209.85.153.104.

The DNS system is, in fact, its own network. If one DNS server doesn't know how to translate a particular domain name, it asks another one, and so on, until the correct IP address is returned.

Continue Reading...


source:http://linuxpoison.blogspot.com/2011/01/135781677516817.html

- Linux Remote Support Software - Bomgar

Do you use both windows and Linux? Wish you could remote into Windows from Linux and to other Linux distributions? Well, you can. Just like when using a Remote Desktop Connection between Microsoft platforms (or remoting between Linux machines), you can bring up the desktop of the other platform. You can click around the desktop and run applications just as if you were sitting in front of the computer.

Linux has a strong foothold in the server market and an increasing number of companies and government institutions standardizing on it. If your enterprise is strong on support, then you owe it to yourself to try something more standard and secure solutions.

Continue Reading...


source:http://linuxpoison.blogspot.com/2011/01/135781677516254.html

- How to add CD-ROM to the sources.list file in Ubuntu / Debian Linux

If you'd rather use your CD-ROM for installing packages or updating your system automatically with APT, you can put it in your sources.list.
Open up your terminal and type following command to add CD-ROM to your sources.list file
sudo apt-cdrom add

Continue Reading...


source:http://linuxpoison.blogspot.com/2011/01/13578167751510.html

- Ubuntu based Penetration Testing Distribution - Blackbuntu

Blackbuntu is distribution for penetration testing which was specially designed for security training students and practitioners of information security.

Blackbuntu is Ubuntu base distro for Penetration Testing with GNOME Desktop Environment. It's currently being built using the Ubuntu 10.10 and work on reference Back|Track.

Continue Reading...


source:http://linuxpoison.blogspot.com/2011/02/135781677517496.html

- Detail Memory Reporting Tool for Linux System - smem

smem is a tool that can give numerous reports on memory usage on Linux systems. Unlike existing tools, smem can report proportional set size (PSS), which is a more meaningful representation of the amount of memory used by libraries and applications in a virtual memory system.

Because large portions of physical memory are typically shared among multiple applications, the standard measure of memory usage known as resident set size (RSS) will significantly overestimate memory usage. PSS instead measures each application's "fair share" of each shared area to give a realistic measure.

Continue Reading...


source:http://linuxpoison.blogspot.com/2011/02/135781677512835.html

- Framework to Find and Exploit web Application Vulnerabilities - w3af

You may use this tool at your own risk!

w3af is a Web Application Attack and Audit Framework which aims to identify and exploit all web application vulnerabilities.

The framework has been called the "metasploit for the web", but it's actually much more than that, because it also discovers the web application vulnerabilities using black-box scanning techniques!

The w3af core and it's plugins are fully written in Python. The project has more than 130 plugins, which identify and exploit SQL injection, cross site scripting (XSS), remote file inclusion and more.

Continue Reading...


source:http://linuxpoison.blogspot.com/2011/02/1357816775954.html

- Protect MySQL Database from SQL injection attacks - GreenSQL

GreenSQL is an Open Source database firewall used to protect databases from SQL injection attacks. GreenSQL works as a proxy and has built in support for MySQL and PostgreSQL. The logic is based on evaluation of SQL commands using a risk scoring matrix as well as blocking known db administrative commands (DROP, CREATE, etc).

GreenSQL works as a reverse proxy for MySQL connections. This means, that instead of connecting TO THE MySQL server, your applications will connect to the GreenSQL server. GreenSQL will analyze SQL queries and then, if they're safe, will forward them to the back-end MySQL server.

Continue Reading...


source:http://linuxpoison.blogspot.com/2011/02/13578167752957.html

- Web Application Security Scanner by Google - Skipfish

Skipfish is an active web application security reconnaissance tool. It prepares an interactive sitemap for the targeted site by carrying out a recursive crawl and dictionary-based probes. The resulting map is then annotated with the output from a number of active (but hopefully non-disruptive) security checks. The final report generated by the tool is meant to serve as a foundation for professional web application security assessments.

Keep in mind that all types of security testing can be disruptive. Although the skipfish scanner is designed not to carry out malicious attacks, it may accidentally interfere with the operations of the site. You must accept the risk, and plan accordingly. Run the scanner against test instances where feasible, and be prepared to deal with the consequences if things go wrong.

Use skipfish only against services you own, or have a permission to test.
Use skipfish at your own risk.

Continue Reading...


source:http://linuxpoison.blogspot.com/2011/02/135781677510556.html

- Get Security Information about your PHP environment - PhpSecInfo

PhpSecInfo provides an equivalent to the phpinfo() function that reports security information about the PHP environment, and offers suggestions for improvement. It is not a replacement for secure development techniques, and does not do any kind of code or app auditing, but can be a useful tool in a multilayered security approach.

 * It is not a replacement for secure coding practices
 * It does not audit PHP code
 * It is not comprehensive test for either your hosting environment or your web application
 * It is not the "final word."  PHPSecInfo identifies *potential* problems and offers suggestions for improvement.

Continue Reading...


source:http://linuxpoison.blogspot.com/2011/02/13578167753814.html

- UI Application to take System Backup and Snapshot - TimeVault

Backing up data can be difficult, especially when you only want to copy files that changed since the last backup. It can be even more troublesome when you have to remember to start the process manually,or you have to delete old backups to make room for new ones. Because of these difficulties, some people decide not to back up data at all, and feel the pain when they accidentally delete the wrong file or their system crashes. TimeVault is a backup utility for Ubuntu that addresses these problems.

TimeVault is an UI application that performs a function similar to Apple's TimeMachine. It makes automated snapshots of (selected parts of) the file system. You can roll back to a previous version of a file or directory, or just view it the way it was when the snapshot was taken. Snapshots are protected from accidental deletion or modification since they are read-only by default. The super-user can delete intermediate snapshots to save space, but files and directories that existed before or after the deletion will still be accessible

Continue Reading...


source:http://linuxpoison.blogspot.com/2011/02/13578167756708.html

- How to Remove old and un-used Kernel from System and Grub Menu - Ubuntu Linux

The kernel is a piece of software that, roughly speaking, provides a layer between the hardware and the application programs running on a computer. In a strict, computer-science sense, the term 'Linux' refers only to the kernel - the software that Linus Torvalds wrote in the early 90s.

All the other pieces you find in a Linux distribution - the Bash shell, the KDE window manager, web browsers, the X server, Tux Racer and everything else - are just applications that happen to run on Linux and are emphatically not part of the operating system itself.

Continue Reading...


source:http://linuxpoison.blogspot.com/2011/02/135781677516124.html

- Install Flash 8 or Flash CS3 on Ubuntu Linux - Wine

Wine is an Open Source implementation of the Windows API on top of X and Unix. Wine provides both a development toolkit for porting Windows sources to Unix and a program loader, allowing many unmodified Windows binaries to run on x86-based Unixes.

Install the latest version of wine:
Ubuntu and Ubuntu derivatives (such as Kubuntu) obtain software from packages which are stored in repositories. Ubuntu's default repository includes Wine, however if you want to stay up to date with the latest Wine package you can use WineHQ's by following these instructions, open up the terminal (Applications > Accessories > Terminal) and type following command to install latest version of wine
sudo add-apt-repository ppa:ubuntu-wine/ppa
sudo apt-get update
sudo apt-get install wine
Continue Reading...


source:http://linuxpoison.blogspot.com/2011/02/13578167757286.html

- Transparent Caching ftp proxy server - frox

Frox is a transparent FTP proxy that runs under Linux and *BSD. It should also work on other UNIX OSes that use ipfilter.

Frox Features:
 * active - passive mode conversion for data connections.
 * It supports caching of FTP downloads, either through a local cache, or by redirecting connections through another proxy such as squid.
 * Downloads may be transparently scanned for viruses (through an external scanner).
 * Optional non-transparent proxy support by logging in with user@host:port.
 * Options to bind to a specific interface, chroot, and drop priveleges for security.
 * Written with security in mind, default setup runs as a non-root user in a chroot jail.

Continue Reading...


source:http://linuxpoison.blogspot.com/2011/02/135781677510379.html

- Penetration Testing data management and reporting tool - MagicTree

MagicTree is a penetration tester productivity tool. It is designed to allow easy and straightforward data consolidation, querying, external command execution and report generation. In case you wonder, "Tree" is because all the data is stored in a tree structure, and "Magic" is because it is designed to magically do the most cumbersome and boring part of penetration testing - data management and reporting.

MagicTree stores data in a tree structure. This is a natural way for representing the information that is gathered during a network test: a host has ports, which have services, applications, vulnerabilities, etc. The tree like structure is also flexible in terms of adding new information without disturbing the existing data structure: if you at some point decide that you need the MAC address of the host, you just add another child node to the host node.

Continue Reading...


source:http://linuxpoison.blogspot.com/2011/02/135781677516643.html

- Tool to Detect SQL Injection - SQLInject-Finder

SQL injection is yet another common vulnerability that is the result of lax input validation. Unlike cross-site scripting vulnerabilities that are ultimately directed at your site’s visitors, SQL injection is an attack on the site itself—in particular its database. The goal of SQL injection is to insert arbitrary data, most often a database query, into a string that’s eventually executed by the database. The insidious query may attempt any number of actions, from retrieving alternate data, to modifying or removing information from the database.

Continue Reading...


source:http://linuxpoison.blogspot.com/2011/02/135781677513842.html

- Introduction to Linux Based and Reseller Web Hosting

A web hosting service is a type of Internet hosting service that allows individuals and organizations to make their own website accessible via the World Wide Web. Web hosts are companies that provide space on a server they own or lease for use by their clients as well as providing Internet connectivity, typically in a data center.

Most people that have any affinity with Internet and Internet websites will have heard of Linux and UNIX Hosting. The true question that you might have is of course, what is it and how can it benefit me?

Continue Reading...


source:http://linuxpoison.blogspot.com/2011/03/13578167758607.html

- How to read the content from the RAM (Random Access Memory)

RAM Stands for "Random Access Memory,". RAM is made up of small memory chips that form a memory module. These modules are installed in the RAM slots on the motherboard of your computer.

RAM (random access memory) is the place in a computer where the operating system, application programs, and data in current use are kept so that they can be quickly reached by the computer's processor. RAM is much faster to read from and write to than the other kinds of storage in a computer, the hard disk, floppy disk, and CD-ROM. However, the data in RAM stays there only as long as your computer is running. When you turn the computer off, RAM loses its data. When you turn your computer on again, your operating system and other files are once again loaded into RAM, usually from your hard disk.

Continue Reading...


source:http://linuxpoison.blogspot.com/2011/04/13578167753881.html

- Graphical Desktop Wiki - Zim

Zim is a graphical text editor used to maintain a collection of wiki pages. Each page can contain links to other pages, simple formatting and images. Pages are stored in a folder structure, like in an outliner, and can have attachments. Creating a new page is as easy as linking to a nonexistent page. All data is stored in plain text files with wiki formatting. Various plugins provide additional functionality, like a task list manager, an equation editor, a tray icon, and support for version control.

Continue Reading...


source:http://linuxpoison.blogspot.com/2011/04/13578167753154.html