Maintaining Old Ubuntu server

I have a really old Ubuntu (11.04) headless server installed on one of the client location.

The application created needed some update but unfortunately the Git was not installed on the system.

While trying to apt-get install git, got 404 (HTTP not found) error. When tried to do an apt-get update lots of 404 errors were there as Ubuntu 11.04 has reached end of life.

A quick search on the Google and found that old releases of Ubuntu are hosted on old-releases.ubuntu.com server(s).

To use this server I have to manually update /etc/apt/sources.list file

In the source list file I have to replace all instances of archives.ubuntu.com & security.ubuntu.com with old-releases.ubuntu.com followed by apt-get update

Finally was able to install git on the target system from old-releases servers of Ubuntu.

Advertisements

Tips and Tools: To Securing yourself against on-line attacks

Recently an old friend Philip Tellis posted an article on web application security for developers. Even when you are security conscious and use tools to protect yourself, you can become a victim of security breach as I have posted in this article. That made me thinking what as a user of the web applications you should be doing to secure yourself against various on-line attacks?

Here are some tips and tools you should use to secure yourself while you are on-line.

Protection against Cross-site scripting (XSS), Cross-site request forgery (CSRF/XSRF), Clickjacking :

I found Firefox with NoScript extension very useful in protecting me against the above attacks. With this extension you just allow the site/domain you are visiting to load JavaScript(s). This way you are eliminating possibility of loading scripts from the sites outside the page you are visiting. NoScript provides you with complete control of loading of JavaScript(s) on a web page.

Choose a secure browser:

I strongly recommend that you use more secure browsers like Firefox or Chrome. These browsers are open source and known to have better security track record in finding and fixing security related issues faster. Also keep these browsers updated regularly for any security related other bug fixes.

Choose a secure OS platform:

I use GNU/Linux as OS on my Desktop. This provides me added level of security as this OS is designed as multi-user system which automatically restrictsΒ  permissions to system files from normal users. This helps in restricting spread of virus and other malwares that threaten your security and privacy on-line.

Keep separate profiles:

I use Firefox as my primary browser for all my on-line needs. Firefox supports multiple profiles and private browsing. I have created multiple profiles for my different needs. I have profile for my emails, net banking and other financial transactions. This profile is loaded with strict security in mind and starts with private browsing mode by default. That way no passwords, cookies, sessions and cache is stored on my system when I close the browser. I also do not click directly on links that I receive via email, IM or social networking feeds. I generally copy the link and open the link in a general profile.

I have separate profile for my general browsing needs. This profile is little less restrictive bus still loaded with NoScript. This way any rouge or compromised web sites will not have access to my sensitive information.

Use secure pages for logins:

Wherever, a site offers secure (HTTPS) and non-secure (HTTP) for a login page prefer secure page. One such notorious site is IRCTC Rail Ticket booking site.

Use strong passwords

Many sites today requires you to login to transact business. Use passwords that are mixture of Capital and small letters and numbers and punctuations.

Keep different passwords for critical and non-critical sites.

You

Cross-site scripting (XSS)

BBC News – Sick PCs should be banned from the net says Microsoft

“Although the conditions to be checked may change over time, current experience suggests that such health checks should ensure that software patches are applied, a firewall is installed and configured correctly, an antivirus program with current signatures is running, and the machine is not currently infected with known malware,” he wrote in the accompanying paper.

via BBC News – Sick PCs should be banned from the net says Microsoft.

Instead of going to such a length to just get on-line, why not just dump MS Windows, the root cause of all these trouble, and switch to GNU/Linux.

Switching to GNU/Linux is easy as you get to choose variety of User Interfaces and integration of productivity tools in the form of Distributions like – Debian, Ubuntu, Fedora, OpenSuSE, Linux Mint, Mandriva and many more to suite your taste.

Ubuntu Desktop: just awesome

Some time back I downloaded the latest Ubuntu Linux desktop. I used UNetbootin to convert an ISO image to USB bootable key.

I booted with this newly created USB key and I was awestruck with new desktop interface.

I have about an year old Acer Aspire One netbook. the new Ubuntu desktop detected all my hardware without any tricks!

The in-built web cam just worked out of the box. so is the wired and wireless network. sound also worked without a hitch and sound quality is much better then my current Fedora 10. It even detected my iPhone and mounted iPhone filesystem at just one click.

Since my netbook is not equipped with Bluetooth, I have got a cheap USB Bluetooth device. connecting other bluetooth devices was breez.

Even though Ubuntu was running from USB 1.0 flash key, it was fast. all the applications required by an average user was right there on the main desktop.

It already packs latest version of Firefox and all other applications where nicely arranged and can be accessed with just two clicks. No complicated start menus and searching for applications.

Even the User Interface is very responsive and quick with opening of applications. This 700 MB OS packs enough punch and you can even continue to use the OS from USB key!

For an average Desktop users who needs mostly a web browser, office productivity tools and want to be productive immediately this is the platform of choice.

Next I will install this new cool OS on my netbook and give it a spin.

Installing Google Chrome on Fedora 10

I had some problems with Bookmarklets (a small piece of JavaScript to run from your address bar) in Firefox. The other browser with bookmarklet support was Google Chrome. However, being a non-free software, Chrome is not available in Fedora Repositories.

Google Chrome is available for GNU/Linux in Debian’s DEB package format. That means I can download the DEB package and use “alien” to convert to an RPM package and install on my Fedora. For some strange reason even alien is not available in Fedora repository.

Continue reading “Installing Google Chrome on Fedora 10”

Citizen Identification System

Many years ago I made this presentation in on of the FOSS event – FreeDel at JNU, New Delhi in hope that some decision makers will be there and will be able to catch the idea.

Citizen Information/Identification System Presentation in PDF Format

My presentation was attended by huge audience of 6 people. πŸ™‚

Continue reading “Citizen Identification System”

FOSS and Indian Politics

Finally some good news came for Free and Open Source Software (FOSS) when a large Indian National Political Party, Bhartiya Janata Party (BJP), adopted key points of the FOSS Manifesto as BJP’s IT Vision Document prepared by the FOSS community of India.

It is heartening to know that a mainstream political party recognizes and acknowledges the FOSS movement and adapts it in their election manifesto. We must thank Venky from RedHat and others from the FOSS Community for working hard and make this a reality.

However, our work as community does not stop here. We must go out and convince other political parties the importance of the FOSS. Following are few of the reasons that can appeal to other political parties as well who have vision for India beyond becoming a Prime Minister of the country.

Economics:
When you think of enabling a billion plus population with Information Technology in the area of e-governance, education, communication, job creation etc., we can not afford to spend billions of rupees or dollars in licensing cost. Not only that, we can not afford to spend valuable foreign currency on acquiring the closed source software. We are already in trouble due to our dependence on oil imports. We surely do not want to fall in same trap regarding software, especially when we boast of being the software super power.

Strategic reasons:
We can not afford to put our sovereignty at stack by using closed source software. We can never know what will be the part of closed source software which can give complete control of our strategic information in the hands of competing foreign powers whether in area of defense or commerce or internal and external security. The FOSS ensures that we are in control of our data and information and IT infrastructure and how it moves between different parties.

Social reasons:
If we ever hope to integrate our large and diverse population, we have to make the IT available in their language and at their terms. FOSS ensures and thrives on people’s participation. This is complete democratic movement where people decides what and how they want to use IT to enrich their lives.

There may be many more reasons why FOSS is superior to closed source software and invite you to share your thoughts on these subject.