Focus on Software

David Bandel

Issue #88, August 2001

Everywhere I look, I see (and install) more and more Linux desktops.

Well, it looks like all the big boys (Red Hat, Caldera, Mandrake, etc.) have thrown in their hats and said, “Linux is not ready for the desktop.” At least that's the message. Hey, Microsoft, you won without a fight! I don't know what the CEOs of these companies are smoking, but it must be very strong stuff. Everywhere I look, I see (and install) more and more Linux desktops. And you know what? The folks for whom I do the installs don't understand why they couldn't have a desktop before that was this robust, this good, this inexpensive. But these now publicly held companies I mentioned above are talking about 1) raising the price and 2) charging a per-CPU license. As far as they're concerned, the free ride is over. Time to pay the Linux distributors. If I didn't find Debian's GNU politics so annoying, I'd start using it. Maybe it's time to start my own distro? Or at least one for my clients? At least that would eliminate the unpleasant surprises that accompany each new release, and I could decide what's best for my clients rather than using a distribution whose creators seem increasingly out of touch with what's happening with their VARs and customers.

webCDwriter:

http://www.uni-bielefeld.de/~jhaeger/webCDwriter/

Now this is nice (and convenient). webCDwriter lets you surf over to your web server/CD burner and burn a CD of files on your local machine across the network. This is truly convenient, and any user can do it. In fact, its simplicity and ease of use may be its biggest drawback. You may find your CD burner is suddenly running overtime burning CDs from all over your network. No more excuses for not having a burned copy of important files and directories because the CD burner is on a remote system, and it's inconvenient transferring the files. Guess I'll have to invent yet another excuse. Requires: Java, cdrecord, mkisofs, web server, web browser w/ Java support.

Heroes:

http://heroes.sourceforge.net/

This particular game is a cross between Snakes and Nibbles, based on the old DOS Heroes game. The graphics are quite good, and game play is fast. The complete Heroes code includes a large number of soundtracks, more levels than most normal gamers can play in a night and several game modes. Requires: libm, libmikmod, libpthread, libdl, libSDL, libartsc, libX11, libXext, glibc.

Port Scan Attack Detector:

http://www.cipherdyne.com/psad/

This Perl utility takes advantage of iptables or ipchains logging and uses the logged information to determine whether the system is under attack. The parameters are highly configurable. psad can send an e-mail to the administrator when it sees a scan. The e-mail will include custom whois information. This is a fairly simple but effective tool (along the lines of courtney), but it doesn't put your Ethernet card in promiscuous mode and will watch only those ports you have logging on. Requires: Perl, Perl modules: Socket, Getopt::Long, File::Stat, and Data::Dumper.

iptrap:

http://www.jedi.claranet.fr/

If you are very paranoid or just under attack often (as my servers are), you can block offending IPs quickly and easily with this tool. I tested it on my local system that does not run mail. Telling it to block any host hitting port 25, I Telnet to another system, then Telnet back to the local system on port 25. Instantaneously, I had a rule inserted in the input chain. I had told it to REJECT rather than use the default DROP, and the resulting iptables rule showed a reject with port-unreachable. Nice. This will be put to good use. Can also run external scripts that e-mail you the output from a `dig -x <offending IP>`. Requires: glibc and iptables (or ipchains).

Password Expiration Agent:

download only: http://frida.fri.utc.sk/~behan/devel/passwd_exp/

This script, run daily, will look through your /etc/shadow file and send an e-mail to any user whose account is about to expire or be disabled. Personally, as an administrator, I like to get the list and send out notifications where appropriate myself. But if you have a lot of accounts or just don't want to bother, this is the way to do it. Requires: Perl, Perl modules provided by author (RcRecord.pm, spent.pm).

Linux Terminal Server Project:

www.ltsp.org/index.php

I don't know if any of you have had the need to set up a diskless workstation on a system served from another Linux system via TFTP. I remember the ordeal well. The HOWTO was woefully inadequate in many parts. So, I decided to repeat the experiment using ltsp. In just about 30 minutes, it was up and running. Okay, so I had a head start having done it once before. Drawback: unless you're running Red Hat, Debian or Caldera, be prepared to do it by hand or hack the install scripts. (That's what I had to do on my Caldera system because it didn't understand Caldera 3.1, only 2.4.) Requires: installed and running XDM, KDM or similar, DHCP server, TFTP. Workstation capable of a network boot or floppy boot.

gTaxEstimator:

http://www.gtx.seul.org/

Tax time is past, but it's coming around again fast. And while gTaxEstimator isn't yet ready for prime time, it could be by next tax season. Personally, I'm hoping for support for Schedule 2555 soon. The interface is simple and clean. This is probably the most promising piece of software I've seen in a while. Let's face it, if you live in the US (or even if you don't but are a US citizen), there's no escaping the Internal Revenue Service. Requires: libgtk, libgdk, libgmodule, libglib, libdl, libXext, libX11, libm, libz, glibc.

Make CD-ROM Recovery Utility:

http://mkcdrec.ota.be/

The mkCDrec utilities allow you to do several different things. They allow you to make an el-torito bootable CD for system rescue. They also allow you to back up your entire system to multiple CDs. You'll also need the mkCDrec utilities if you want to do system restores. You can backup systems that don't have burners, either by creating the iso image(s) and transferring them for later burning or using NFS to write the ISO image(s) to the system with the burner and burn later. Either way, this utility is convenient. Requires: Running system w/ mkisofs gzip, access to a system with cdrecord, mkisofs, gzip.

Until next month.

David A. Bandel (dbandel@pananix.com) is a Linux/UNIX consultant currently living in the Republic of Panama. He is coauthor of Que Special Edition: Using Caldera OpenLinux.