Loading ...
chage changes the number of days between password changes and the date of the last password change. This information is used by the system to determine when a user must change her password. The chage command is restricted to the root user, except for the -l option, which may be used by an unprivileged user to determine when her password or account is due to expire.
Want to avoid throttling? Hide your location from peers connected to the same torrent? Block Comcast’s TCP packet resets? Or use PeerGuardian blocklists in your torrent client? Then read on.
A while back I wrote a piece about how to Secure the hell out of your Linux box, and I thought I’d follow up with the same but for the Windows world. Yes yes, this is a Linux blog and this kind of post won’t happen all that often, or possibly never again, but security I feel is far more important than technological allegiances.
TrueCrypt (http://www.truecrypt.org/) is a popular free on-the-fly disk encryption software that can encrypt files, partitions, whole disks and even a windows installation. It is an extremely useful and important tool if you wish to keep personal and confidential data from being accessed by unauthorized people. TrueCrypt even supports plausible deniability, allowing you to hide an encrypted volume inside another volume. TrueCrypt volumes are indistinguishable from random data, so an adversary cannot prove that you have a TrueCrypt volume hidden inside a dummy encrypted volume.
Unfortunately, the TrueCrypt website only provides binaries for Ubuntu and OpenSuSE, so for those of us running other distros, the only option is to compile from source. The steps below outline the installation procedure on a Fedora 9 machine.
We can have the most secure box in the world but that doesn’t mean necessarily that we’re safe. There are a lot of interested parties in the world that want your information and the list of who those interested parties are grows by the day. Looking for a job? Well, the companies you’re applying to are running Google searches on your real name, your email address, and any screenname you may have given them, looking you up at LinkedIn, Myspace, Facebook, etc. Making online purchases? Well, both the identity thief and the government would love to track those transactions. Searching for information related to an embarrassing situation in your personal life? Google saves those searches. Like to show off your musical tastes on Last.fm? Congrats, you’re probably broadcasting a good portion of the music you’ve pirated. Logging in to a site to pay a bill? There’s a cracker out there that would love for your password to be transmitted in plain text, rather than encrypted. And lets not forget the fact that AT&T spies on the American populace for the NSA, MPAA, RIAA, and probably any other organization that asked it to. Even if you truly trust a company, you never know what information of yours could be handed over in a lawsuit. Think you’re hidden behind a screen-name? Think again.
I should give a little warning, I do suggest people follow all of these tips, but they are for the paranoid and some will consider it over board.
Related Reading on TuxTraining.com
Many of us have been in this scenario - you’re on the move, using a random WiFi connection that you can get. You want to browse around to all your favourite sites, including ones where you log in over normal HTTP, but you’re not entirely convinced of the security of the connection, so you don’t.
If you have access to pretty much any server running SSH where you can log in, you actually can set up a secure tunnel to route all of your data through using nothing more than what you already have. Kind of like a very simple VPN, that you can do on the fly.
Multiple sites reported a while ago that Comcast was using Sandvine to do tcp packet resets to throttle BitTorrent connections of their users. This practice may be a thing of the past as it’s been found a simple rule in the Linux firewall, iptables, can simply just block their reset packets, returning your BitTorrent back to normal speeds and allowing you to once again connect to all your seeds and peer. So, if you are tired of Sandvine (the application used by Comcast to throttle Bit Torrent with fake TCP packet resets) screwing with your BitTorrent and a user of GNU/Linux, then this is for you. I will tell you how to take your bandwidth back.
Also see:
# nmap -v -sP 192.168.1.0/24
You can replace the 192.168.1.0/24 address with whatever your IP and subnet is.
Also, for a cleaner output that removes the lines that tell you an IP is not used, try the following:
# nmap -v -sP 192.168.1.0/24 | grep -v "appears to be down"
Have a network that you’d like to protect from macilious organizations? Well we’re in luck, now at the router level we can add peer guardian to ipcop based routers.
The install is rather simple, first thing first of course you must have Ipcop installed. Then grab ipcop-pglinux-1.5beta.zip from here.
Irssi is a popular IRC client. Its a very popular client for small window managers like fluxbox. This short howto will walk you though the steps for setting up a jail that only has a few commands in it and will help create a much safer IRC enviroment for you. There are a couple things you will need to have installed before we get started. First you need irssi, next you will need jail. First step is to install jail and irssi, so that irssi will work from your regular linux or unix install.
