Showing posts from March, 2009

Fighting Linux Rootkits

After a recent unpleasant experience with a rootkit that was installed in /var/tmp, it was clear that better security measures were needed.

Unfortunately, /tmp and /var/tmp are world-writable by necessity and are the favorite target of rootkit users. The easiest way to protect these directories is to create a filesystem image and mount it through the loopback device with the noexec and nosuid options via /etc/fstab.

Create the file system image, change its permissions with chmod 1777 and keep it in /boot; 1,200,000 512-byte blocks should be a good size and not waste too much disk space for small files. If your needs are different, adjust accordingly.

# dd if=/dev/zero of=/boot/tmp.img bs=512 count=1200000

This produces a disk size of roughly 300M.

The filesystem format chosen for this particular task is Reiserfs because it handles large amounts of smaller files very well. We need to use the -f option because the file is not a block special device. If the…
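A check for the result of this setup, added here as an example and not part of the original post: it reads /proc/mounts-format text and reports whether a mount point carries both noexec and nosuid. The function names and the sample mount lines are constructed for illustration.

```shell
#!/bin/sh
# Verify that a mount point is mounted with noexec and nosuid.
# Input format is that of /proc/mounts: device mountpoint fstype options dump pass

# Constructed sample: /tmp on a loop-mounted image, /var/tmp left unprotected.
SAMPLE_MOUNTS='/dev/sda1 / ext3 rw,relatime 0 0
/dev/loop0 /tmp reiserfs rw,nosuid,noexec,relatime 0 0
/dev/sda1 /var/tmp ext3 rw,relatime 0 0'

# check_mount MOUNTPOINT MOUNTS_TEXT
# Returns 0 if both options are set, 1 if one is missing,
# 2 if MOUNTPOINT is not a separate mount (it inherits its parent's options).
check_mount() {
    mp=$1
    # The last matching line wins, because later mounts shadow earlier ones.
    opts=$(printf '%s\n' "$2" | awk -v mp="$mp" '$2 == mp { o = $4 } END { print o }')
    if [ -z "$opts" ]; then
        echo "$mp: not a separate mount"
        return 2
    fi
    missing=
    for want in noexec nosuid; do
        # Wrap in commas so only whole option names match.
        case ",$opts," in
            *",$want,"*) ;;
            *) missing="$missing $want" ;;
        esac
    done
    if [ -n "$missing" ]; then
        echo "$mp: missing$missing"
        return 1
    fi
    echo "$mp: ok ($opts)"
    return 0
}

# audit_live: run the check against the running system for both directories.
audit_live() {
    rc=0
    for d in /tmp /var/tmp; do
        check_mount "$d" "$(cat /proc/mounts)" || rc=1
    done
    return $rc
}

# Demonstration on the constructed sample.
check_mount /tmp "$SAMPLE_MOUNTS"
```

Run audit_live after editing /etc/fstab and remounting to confirm the options took effect. Note that noexec blocks direct execution of files on the filesystem, but a script stored there can still be run by passing it to an interpreter, so treat it as one layer of defense.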

FFMPEG-0.5 Compile for Mandriva 2009.0

As you may be aware, ffmpeg is now at version 0.5.

Since an updated RPM package is not yet available, I decided to compile ffmpeg-0.5 on my Mandriva 2009.0 system to support all available codecs and optimize the binary for speed.

A number of ffmpeg codec options are disabled by default because of copyright/patent issues that make them non-redistributable. But as individuals, we can enable them and break no laws as long as we do not provide copies of the binaries to others. Sources for the non-free codecs are available to be built manually, but all are available for Mandriva from PLF.

The ffmpeg source code is here.

After unpacking the source code archive, do a quick ./configure and you'll see the potential available codecs and other options by looking at the file. You'll need to install all the libraries (plus the *-devel stuff) to compile ffmpeg. Looking at config.err was very useful in determining what problems I had during the attempts at compiling.

I used (all on one line)…

Compressing Files to Save Space

Binary Compression

If you need to save space on your Flash-drive-based Linux OS, you might consider UPX, self-described as the "Ultimate Packer for eXecutables".

UPX is free and provided under the terms of the GPL. It uses a proprietary compression algorithm, the NRV compression library, but can be used with reduced efficiency with the UCL compression library.

It offers very fast in-place decompression and is available for several platforms other than Linux, including ARM, MIPS, PowerPC, DOS and Win32.

For Win32 platforms, there is a GUI version (download here), but it uses an older version of UPX as its base, which should not be a problem if you are only compressing Win32 binaries.

The command line version works on all supported executable formats in all OS versions.

Data Compression

If you just need to compress non-executable files, 7-Zip is a file archiver with a high compression ratio. The program only supports the 7z, ZIP, GZIP, BZIP2 and TAR formats for packing, but unpac…

Using Linux for MS Windows Anti-Virus Removal

Here's an amusing way to tell someone, essentially, to RTFM.

I saw this link in a Slashdot story about malware and virus removal, but the offered link was identified as a Linux solution.

Anyway, it's easy to see how the URL is crafted, so now you can pimp slap someone who should have Googled it in the first place.

http://lmgtfy.com/?q=live+cd+windows+antivirus

And lmgtfy stands for "Let Me Google That For You" in case you missed the joke.

Funny.
Useful.
Satisfying.

BTW, the Linux solution would be a LiveCD version of Knoppix using BitDefender.

Here's the main site.

And the link to the RPM and DEB downloads.

And the link to the current LiveCD. The MD5SUM of the ISO image is 2404d4abeb23532ef842d940ccc3aeaa.

Of course, you could build your own LiveCD.

But even better, use TRK, the Trinity Rescue Kit, a bootable Linux CD that offers several virus scanners as well as Windows cleaning, password and rescue utilities plus a Linux distro with ssh, file-sharing, backup a…

Mandriva RPM Meta-Packages

Mageia now provides a few meta-packages, which are small RPM files that contain only the dependencies needed for the application(s) they address. Essentially, a package of package names to be installed. The meta-packages all begin with the name task- and are found in the repositories.

For example, using urpmi to install task-kde4 will install all the files needed for a full KDE desktop; task-kde4-minimal installs a minimal desktop; task-gnome installs the full GNOME desktop; likewise task-e17, task-xfce and task-lxqt easily install those desktops.

There are task- packages for Blackberry and Nokia syncing, and task-lamp installs a full Linux-Apache-MySQL-PHP server plus ProFTP.

You can use urpmq -d task-package to see what dependencies will be installed.

All the task- packages have a .src.rpm that can be installed, modified and compiled to change things. I have experimented with the LAMP module to NOT install Apache so I can try the nginx web server.

One possible use of meta-packa…