Monthly Archives: October 2009

Basic Rules of Working with Secret Information

Due to the fact that free operating systems are designed with the modern conceptions of data security in mind, users should know that the main reason of the most “cracking” and data-stealing cases is their lack of attention, and not bugs or errors in the software they are using.

Let’s start with such an understandable and well known notion as password. By entering password user authentication, i.e. confirmation that the account will be used by its owner, occurs.

Users should know that operating systems are generally well secured to prevent unauthorized use. That’s why for a violator it’s much easier to get somehow user’s password and login into system pretending to be an authorized user. So instead of cracking security systems that become more and more complicated, violators tend to use methods of social engineering, manipulating users for the only purpose of gathering the information they need.

Kevin Mitnick (former hacker, current security consultant) emphasizes that “it is much easier to trick someone into giving a password for a system than to spend the effort to hack into the system.” He argues that it was the single most effective method in his arsenal.

Continue reading

Setting Up PPPoE Connection in Linux

Broadband access and Next Generation Networks (NGN) conception became part of everyday life. According to Parks Associates the number of households worldwide with broadband is approaching to 500 million and it may reach close to 650 million by 2013. The demand for speed of data transferring always increases, just as the amount of users who are connected by means Ethernet, which allows them to connect to the network with the speed up to 10Gb/sec.
Internet Service Providers (ISP) that provide users with Ethernet-channel generally use the following technologies for user authentication and billing:

  • User account binding to the physical line, for example, using MAC-address of the network interface. Linux user has to configure network interfaces to establish such a connection;
  • VPN-technologies allowing user authentication and secure connection. For example, PPTP, L2TP or IpSec;
  • PPPoE (Point-to-Point Protocol over Ethernet) which this article is about.

PPPoE represents a network protocol for encapsulating Point-to-Point Protocol (PPP) frames inside Ethernet frames. PPPoE expands the capability of PPP allowing a virtual Point-to-Point connection over a multipoint Ethernet network architecture. Given protocol was published by IETF in 1999 and its specification is RFC 2516.

In fact PPPoE does not have important advantages in comparison to the above mentioned alternatives. However the following ones can be emphasized:

  • It’s significantly more secure than MAC-binding and allows user to change network interfaces connected to the provider without appealing to provider’s customer support; still it slightly reduces the bandwidth of the network interface;
  • Its configuration is simpler that the one of VPN-connection and requires less parameters to be introduced by user. In particular there is no need to configure IP-address or to specify the address of VPN-server.

Thus, most likely you will encounter PPPoE just because you ISP will provide the Internet via this technology. Although provider’s technical support generally can help you just with Windows, you can easily connect your PC with Linux operating system following our instructions.

Continue reading

Using RAR in Linux: Guide and Samples

Nowadays almost everyone who had ever used a computer knows what a file archiver is. It represents a program that combines a number of files together into an archive file for easier storage. Although many users consider that file archivers are used to compress the data in order to reduce the size of the archive, their functions are not limited to that. For instance, the most basic archivers just take files and create an archive without compressing them.

There are multiple compression algorithms available to compress data. You should remember that some kinds of data can be highly compressed and some kinds of data do not benefit from compression. At the moment archive formats are also used to package software files for distribution, installation, and execution.

Let’s see what the most popular archive formats are and what they are used for. All of them are divided into 5 different types:

1. Archiving only formats (only combine files):

ar, cpio, tar and etc.

2. Compression only formats (only compress files):

gzip, bzip2, LZMA, compress and etc.

3. Multi-function formats can combine, compress, encrypt, create error detection and recovery information, and repackage the archive into self-extracting/self-expanding files:

7z, ACE, ARC, cpt, dmg, GCA, kgb, LZX, RAR, qda, ZIP and etc.

4. Software Packaging formats are used to create software packages that may be self-installing files:

deb, pkg, RPM, MSI, JAR and etc.

5. Disk Image formats are used to create disk images or optical disk images of mass storage volumes:

OEB Package Format, OEBPS Container Format, Open Packaging Conventions and etc.

If you would like to learn more about archive formats, please visit this page.

Most likely you’ve already understood that in the given post we are not going to review all the archive formats, but the most popular one – RAR.
As it was mentioned before RAR is a multi-function archive file format that supports data compression, error recovery, file spanning and etc. Though at the moment it’s licensed by Win.rar GmbH, it was originally developed by Russian software engineer – Eugene Roshal (RAR comes from Roshal ARchive).

You should know that RAR files can be created only using commercial software and the one that has permission from the author. In fact the only freeware that can be used to create RAR files is RAR for Pocket PC.

Continue reading

Searching files in Linux

No doubt every single user from time to time uses search function because it’s almost impossible to remember where all the files are saved. This function is even more useful when you need to find a system file, library and so on.

Most likely the great majority of you are familiar with Windows Search Function that is pretty easy to use. In fact all Linux distributions have such an option (a graphical one) as well, so you won’t lack any functionality. However if you want to be able to find absolutely everything you need, it’s better to choose command line that has some really powerful tools to use.

In the given post we are going to review some of these tools in detail. Nevertheless it should be emphasized that there is no need to worry even if you don’t really like using command line, because no scripts or complex expressions will be discussed – just easy and understandable methods.

First of all we need to define common types of search requests. Here are the most important ones:

  • Search by file name or mask (this type also includes file searching according to a certain path and exclusion of a particular path from the search)
  • Search by file type (extension)
  • Search by file access/creation/modification date/time
  • Search by file size
  • Search by file owner and access permissions
  • Search of system and executable files

As far as the commands used to find files are concerned there are four of them to be reviewed:

1) find

This command is considered to be the most powerful one. It checks the file system in real time based on certain criteria. That means you will always get the most up-to-date results without the necessity to update a database. Of course, you can perform all sorts of operations on the files that were found. In addition to that is should be emphasized that file command allows you to check temp folders as well (in comparison with locate command).

However due to the fact that file command does search through the file system hierarchy, it’s considerably slower than other commands. That’s why it’s recommended to narrow your search (of course, if there is such a possibility) by searching in certain directories.

2) locate

The locate command uses a database (instead of file system itself) for searching, so it’s significantly faster than file command. However using database means that the database has to be updated in order to ensure proper search results (all new files have to be included and deleted ones mustn’t be considered). Once your database is updated you are ready to search. To update the database the only thing you should do is to run the following command:

updatedb

Taking into consideration the fact that many users may forget to update the database each and every time, it’s recommended to set up a cron job for that purpose. Here you can learn more about the cron.

3) whereis

Given command is useful in case you need to find source, binary and/or executable files which are associated with manual pages. As a return of this command you get the path.

Let’s check an example. Suppose that you need to find out where Firefox is installed. Here is what you enter and what you get:

whereis firefox

firefox: /usr/bin/firefox /etc/firefox.cfg

4) which

The which command being pretty simple is very similar to the previous one (whereis command) but it shows you the full path of shell commands instead.

It’s very useful for finding out “which” binary the system would execute if you typed the command out. Since some programs have multiple versions installed the which command comes in handy to tell you which version it is using and where it is located.

Continue reading