Snort Open Source IDS

Snort is an open source Intrusion Detection System that you can run on your Linux systems. This tutorial covers basic configuration of Snort as a network IDS and shows how to write rules that detect different kinds of activity on the network.

For this tutorial the monitored network is 10.0.0.0/24. Edit /etc/snort/snort.conf and replace the "any" assigned to HOME_NET (the ipvar HOME_NET line) with your own network range.

Alternatively, you can list specific IP addresses to monitor, separated by commas inside square brackets.

Now let’s get started and run this command on the command line:

# snort -d -l /var/log/snort/ -h 10.0.0.0/24 -A console -c /etc/snort/snort.conf

Where:
-d = dump the application-layer data of the packets Snort logs
-l = the directory Snort writes its logs to
-h = the home network, the address range Snort treats as the protected side
-A console = print alerts to the console as they fire
-c = the Snort configuration file to load

Let's launch a fast scan from a different device using nmap and watch the Snort console.

Snort detected the scan. Now, again from a different device, let's send a SYN flood against a host in the monitored network using hping3:

# hping3 -c 10000 -d 120 -S -w 64 -p 21 --flood --rand-source 10.0.0.3

The device running Snort now reports the flood as bad traffic. Note that --rand-source spoofs a random source address on every packet, so the alerts will show those random addresses rather than the real attacking host.

Since we told Snort to log with -l, the captured packets are also written under /var/log/snort/ and can be read back later.

Introduction to Snort Rules

Snort's NIDS mode works from the rules referenced by /etc/snort/snort.conf.

In snort.conf the rule files are pulled in with include lines, some commented out and some active:

The rules directory is normally /etc/snort/rules, where the rule files live:

Let's look at the rules against backdoors:

There are several rules for backdoor traffic. Surprisingly, there is still a rule for NetBus, a trojan horse that was popular a couple of decades ago. Let's look at it and go through its parts and how it works:

alert tcp $HOME_NET 20034 -> $EXTERNAL_NET any (msg:"BACKDOOR NetBus Pro 2.0 connection established"; flow:from_server,established; flowbits:isset,backdoor.netbus_2.connect; content:"BN|10 00 02 00|"; depth:6; content:"|05 00|"; depth:2; offset:8; classtype:misc-activity; sid:115; rev:9;)

This rule tells Snort to alert on TCP traffic leaving source port 20034 on a host in our protected network ($HOME_NET) towards any port on an external host ($EXTERNAL_NET). The parts:

alert tcp $HOME_NET 20034 -> $EXTERNAL_NET any = the rule header: action, protocol, source address and port, direction, destination address and port

-> = the traffic direction, in this case from our protected network to an external one

msg = the text included in the alert when it is displayed

flow = restricts the rule to one side and state of a TCP session; from_server,established means the packet must come from the server side of an already established connection

flowbits:isset,backdoor.netbus_2.connect = the rule only fires if an earlier rule in the same session set the flag backdoor.netbus_2.connect, so the two rules together track the NetBus handshake rather than alerting on a lone packet

content = a byte pattern to search for in the packet payload. Text inside the quotes is matched as-is; binary data is written as hex bytes between | |

depth = how many bytes of the payload Snort searches for that content, counted from the start of the payload (or from the offset, if one is given). Each content has its own modifiers: the first pattern, BN|10 00 02 00|, is 6 bytes long with depth:6, so it must sit at the very start of the payload

offset = the byte position in the payload where the search starts; the second pattern |05 00| is only looked for at bytes 8 and 9

classtype = the category of the alert, which also determines its default priority

sid:115 = the rule's unique identifier; rev:9 = its revision number
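To make the content, depth and offset semantics concrete, here is an added example (not code from the tutorial or from Snort itself) that parses the NetBus rule quoted above and applies its two content checks to a few payloads constructed for the demonstration. Only the payload options are modelled; the flow and flowbits conditions, which Snort would also require, are ignored here.

```python
import re

# The NetBus rule from the tutorial, written on a single line.
NETBUS_RULE = (
    'alert tcp $HOME_NET 20034 -> $EXTERNAL_NET any '
    '(msg:"BACKDOOR NetBus Pro 2.0 connection established"; '
    'flow:from_server,established; '
    'flowbits:isset,backdoor.netbus_2.connect; '
    'content:"BN|10 00 02 00|"; depth:6; '
    'content:"|05 00|"; depth:2; offset:8; '
    'classtype:misc-activity; sid:115; rev:9;)'
)

# One option: a name, optionally ":value" (quoted or not), then ';'.
OPTION_RE = re.compile(r'(\w+)(?::("[^"]*"|[^;]*))?;')


def decode_content(text):
    """Convert a Snort content string to bytes: characters outside pipes
    are literal, a |..| section holds hex bytes.  Escapes such as \\" or
    \\| are not handled in this simplified version."""
    out = bytearray()
    for i, part in enumerate(text.split('|')):
        if i % 2 == 0:
            out += part.encode('latin-1')   # literal text
        else:
            out += bytes.fromhex(part)      # hex bytes, spaces allowed
    return bytes(out)


def parse_rule(rule):
    """Split a rule into header fields and an ordered list of (option, value)
    pairs.  Order matters: depth/offset modify the content before them."""
    header, _, body = rule.partition('(')
    action, proto, src, sport, direction, dst, dport = header.split()
    options = [(name, value.strip('"'))
               for name, value in OPTION_RE.findall(body.rstrip(')'))]
    return {'action': action, 'proto': proto, 'src': src, 'sport': sport,
            'direction': direction, 'dst': dst, 'dport': dport,
            'options': options}


def content_checks(parsed):
    """Group every content with the depth/offset modifiers that follow it."""
    checks = []
    for name, value in parsed['options']:
        if name == 'content':
            checks.append({'pattern': decode_content(value),
                           'offset': 0, 'depth': None})
        elif name in ('depth', 'offset') and checks:
            checks[-1][name] = int(value)
    return checks


def payload_matches(parsed, payload):
    """True when every content is found inside its search window, which is
    payload[offset : offset + depth] (depth None = to the end of payload)."""
    for chk in content_checks(parsed):
        start = chk['offset']
        end = None if chk['depth'] is None else start + chk['depth']
        if payload[start:end].find(chk['pattern']) == -1:
            return False
    return True


# Constructed payloads for the demonstration, not real NetBus captures.
MATCHING_PAYLOAD = b'BN\x10\x00\x02\x00' + b'\x00\x00' + b'\x05\x00' + b'tail'
# Same bytes, but |05 00| lands at bytes 10-11, outside offset:8 depth:2.
SHIFTED_PAYLOAD = b'BN\x10\x00\x02\x00' + b'\x00' * 4 + b'\x05\x00'
# One extra leading byte pushes the 6-byte header past depth:6.
PREFIXED_PAYLOAD = b'\x00' + MATCHING_PAYLOAD

if __name__ == '__main__':
    rule = parse_rule(NETBUS_RULE)
    for label, data in (('matching', MATCHING_PAYLOAD),
                        ('shifted', SHIFTED_PAYLOAD),
                        ('prefixed', PREFIXED_PAYLOAD)):
        print(f'{label:9s} -> {payload_matches(rule, data)}')
```

The shifted and prefixed payloads both contain every pattern the rule names, yet neither matches: depth and offset pin the patterns to exact windows, which is what keeps a rule like this from firing on arbitrary traffic that happens to contain "BN".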

Creating our own rule

Now we'll create a new rule that alerts on incoming SSH connections. Create /etc/snort/rules/yourrule.rules and paste in the following text:

alert tcp $EXTERNAL_NET any -> $HOME_NET 22 (msg:"SSH incoming"; flow:stateless; flags:S+; sid:100006927; rev:1;)

This tells Snort to alert on any TCP packet from an external source to our SSH port (here the default, 22) that has the SYN flag set, with the message "SSH incoming". flags:S+ matches SYN plus any other flags, and flow:stateless makes the rule match regardless of the connection's state, so it fires on the first SYN of every connection attempt, including attempts that never complete. Note that if $EXTERNAL_NET is defined as "any" in your snort.conf, SSH connections from inside your own network will alert as well.
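The following is an added example (not from the tutorial or from Snort) that evaluates the header of the "SSH incoming" rule above against a few constructed packets. It models the HOME_NET setting from the start of the tutorial and the bracketed list syntax, the $EXTERNAL_NET variable, and Snort's flags modifiers (S, S+, S*). The $EXTERNAL_NET value is an assumption, since the tutorial never shows it: the common setting "!$HOME_NET" is used, and the test at the end also shows what changes when it is "any".

```python
import ipaddress

# The "SSH incoming" rule from the tutorial, on one line.
SSH_RULE = ('alert tcp $EXTERNAL_NET any -> $HOME_NET 22 '
            '(msg:"SSH incoming"; flow:stateless; flags:S+; sid:100006927; rev:1;)')

# Network variables as snort.conf would define them.  HOME_NET is the
# tutorial's 10.0.0.0/24 (a list models the [a,b,c] bracket syntax).
# The EXTERNAL_NET value is an assumption; the tutorial does not show it.
VARIABLES = {
    '$HOME_NET': ['10.0.0.0/24'],
    '$EXTERNAL_NET': '!$HOME_NET',
}

# TCP flag letters as Snort's flags option names them.
FLAG_BITS = {'F': 0x01, 'S': 0x02, 'R': 0x04, 'P': 0x08, 'A': 0x10, 'U': 0x20}


def _bits(letters):
    value = 0
    for letter in letters:
        value |= FLAG_BITS[letter]
    return value


def address_matches(ip, spec, variables):
    """Evaluate a rule address field: 'any', a CIDR, a $variable, or a
    '!'-negated form of either.  A variable may hold a list of networks or
    another expression such as '!$HOME_NET', which is resolved recursively."""
    if spec == 'any':
        return True
    negate = spec.startswith('!')
    spec = spec.lstrip('!')
    if spec.startswith('$'):
        value = variables[spec]
        if isinstance(value, str):
            hit = address_matches(ip, value, variables)
        else:
            hit = any(ipaddress.ip_address(ip) in ipaddress.ip_network(n)
                      for n in value)
    else:
        hit = ipaddress.ip_address(ip) in ipaddress.ip_network(spec)
    return not hit if negate else hit


def port_matches(port, spec):
    """Only 'any' and a single port are modelled (no ranges or lists)."""
    return spec == 'any' or int(spec) == port


def flags_match(packet_flags, spec):
    """Snort flags semantics: the exact set by default; a trailing '+' means
    the listed flags plus any others; '*' means any of the listed flags;
    a leading '!' negates the result."""
    negate = spec.startswith('!')
    spec = spec.lstrip('!')
    mode = spec[-1] if spec[-1] in '+*' else ''
    wanted = _bits(spec.rstrip('+*'))
    present = _bits(packet_flags)
    if mode == '+':
        hit = (present & wanted) == wanted
    elif mode == '*':
        hit = (present & wanted) != 0
    else:
        hit = present == wanted
    return not hit if negate else hit


def rule_fires(rule, packet, variables=VARIABLES):
    """Apply the header and the flags option of a one-directional (->) rule
    to a packet given as a dict.  Payload options are out of scope here."""
    header, _, body = rule.partition('(')
    action, proto, src, sport, direction, dst, dport = header.split()
    flags_spec = None
    for option in body.rstrip(')').split(';'):
        name, _, value = option.strip().partition(':')
        if name == 'flags':
            flags_spec = value.strip()
    return (direction == '->'
            and proto == packet['proto']
            and address_matches(packet['src'], src, variables)
            and port_matches(packet['sport'], sport)
            and address_matches(packet['dst'], dst, variables)
            and port_matches(packet['dport'], dport)
            and (flags_spec is None or flags_match(packet['flags'], flags_spec)))


# Constructed packets for the demonstration (not captured traffic).
EXTERNAL_SYN = {'proto': 'tcp', 'src': '192.0.2.10', 'sport': 51234,
                'dst': '10.0.0.3', 'dport': 22, 'flags': 'S'}
INTERNAL_SYN = dict(EXTERNAL_SYN, src='10.0.0.5')   # SSH from inside HOME_NET
EXTERNAL_ACK = dict(EXTERNAL_SYN, flags='A')         # mid-connection, no SYN

if __name__ == '__main__':
    for label, pkt in (('external SYN', EXTERNAL_SYN),
                       ('internal SYN', INTERNAL_SYN),
                       ('external ACK', EXTERNAL_ACK)):
        print(f'{label:13s} -> {rule_fires(SSH_RULE, pkt)}')
```

With EXTERNAL_NET set to !$HOME_NET only the external SYN fires the rule; with EXTERNAL_NET set to any, the internal SSH attempt alerts too, which is the caveat to keep in mind when you decide how to define the variable.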

Now we need to add the new rule file to /etc/snort/snort.conf. Open the config file in an editor and find Step #7, the section that includes the rule files. Add an uncommented include line for your file:

include $RULE_PATH/yourrule.rules

Instead of "yourrule.rules", use your own file name; in my case it was test3.rules.

Once that is done, check the configuration with snort -T -c /etc/snort/snort.conf, which parses the config and rules without sniffing and reports any syntax error, then run Snort again and see what happens.

# snort -d -l /var/log/snort/ -h 10.0.0.0/24 -A console -c /etc/snort/snort.conf

Now ssh to the Snort host from another device and watch the console:

You can see that "SSH incoming" was detected.

With this lesson I hope you now know how to write basic rules and use them to detect activity on your network.

Full article:

https://linuxhint.com/configure-snort-ids-create-rules/

Source

SBC showcases Qualcomm’s 10nm, octa-core QCS605 IoT SoC

Intrinsyc’s compact “Open-Q 605” SBC for computer vision and edge AI applications runs Android 8.1 and Qualcomm’s Vision Intelligence Platform on Qualcomm’s IoT-focused, octa-core QCS605.

In April, Qualcomm announced its QCS605 SoC, calling it "the first 10nm FinFET fabricated SoC purpose built for the Internet of Things." The octa-core Arm SoC now appears on Intrinsyc's Open-Q 605 SBC, which is open for pre-orders at $429 as a full development kit with a 12V power supply. The products will ship in early December.

Open-Q 605, front and back

The fact that Qualcomm is billing the high-end QCS605 as an IoT SoC reveals how demand for vision and AI processing on the edge is broadening the IoT definition to encompass a much higher range of embedded technology. The IoT focus is also reinforced by the lack of the usual Snapdragon branding. The QCS605 is accompanied by the Qualcomm Vision Intelligence Platform, a set of mostly software components that includes the Qualcomm Neural Processing SDK and camera processing software, as well as the company’s 802.11ac WiFi and Bluetooth connectivity and security technologies.

The QCS605 supports Linux and Android, but Intrinsyc supports its Open-Q 605 board only with Android 8.1.

Qualcomm QCS605 and Vision Intelligence Platform

The QCS605 SoC features 8x Kryo 300 CPU cores, two of which are 2.5GHz "gold" cores equivalent to the Cortex-A75. The other six are 1.7GHz "silver" cores based on the Cortex-A55, Arm's more powerful follow-on to the Cortex-A53.

The QCS605 also integrates an Adreno 615 GPU, a Hexagon 685 DSP with Hexagon vector extensions (“HVX”), and a Spectra 270 ISP that supports dual 16-megapixel image sensors. Qualcomm also sells a QCS603 model that is identical except that it offers only 2x of the 1.7GHz “Silver” cores instead of six.

Qualcomm sells the QCS605 as part of a Vision Intelligence Platform — a combination of software and hardware starting with a Qualcomm AI Engine built around the Qualcomm Snapdragon Neural Processing Engine (NPE) software framework. The NPE provides analysis, optimization, and debugging tools for developing with Tensorflow, Caffe, and Caffe2 frameworks. The AI Engine also includes the Open Neural Network Exchange interchange format, the Android Neural Networks API, and the Qualcomm Hexagon Neural Network library, which together enable the porting of trained networks.

The Vision Intelligence Platform running on the QCS605 delivers up to 2.1 TOPS of compute performance for deep neural network inferences, claims Qualcomm. The platform also supports up to 4K60 resolution or 5.7K at 30fps and supports multiple concurrent video streams at lower resolutions.

Other features include “staggered” HDR to prevent ghost effects in high-dynamic range video. You also get advanced electronic image stabilization, de-warp, de-noise, chromatic aberration correction, and motion compensated temporal filters in hardware.

Inside the Open-Q 605 SBC

Along with the Snapdragon 600 based Open-Q 600, the Open-Q 605 is one of only two Open-Q development boards that Intrinsyc refers to as an SBC. Most Open-Q kits are compute modules or sandwich-style carrier board starter kits based on Intrinsyc modules equipped with Snapdragon SoCs, such as the recent, Snapdragon 670 based Open-Q 670 HDK.

Open-Q 605

The 68 x 50mm Open-Q 605 ships with an eMCP package with 4GB LPDDR4x RAM and 32GB eMMC flash, and additional storage is available via a microSD slot. Networking depends on the 802.11ac (WiFi 5) and Bluetooth 5.x radios. There’s also a Qualcomm GNSS receiver for location and 3x U.FL connectors.

The only conventional port on the board's edge is a USB Type-C connector that also carries DisplayPort 1.4 output. If you'd rather use the Type-C port for USB or for charging a user-supplied Li-Ion battery, you can turn to an HD-ready MIPI DSI interface with touch support for the display. You also get 2x MIPI-CSI for dual cameras, as well as 2x analog audio.

The Open-Q 605 has a 76-pin expansion header for other interfaces, including an I2S/SLIMBus digital audio interface. The board runs on a 5-15V DC input and offers an extended -25 to 60°C operating range.

Specifications listed for the Open-Q 605 SBC include:

  • Processor — Qualcomm QCS605 with Vision Intelligence Platform (2x up to 2.5GHz and 6x up to 1.7GHz Kryo 300 cores); Adreno 615 GPU; Hexagon 685 DSP; Spectra 270 ISP; Qualcomm AI Engine and other VIP components
  • Memory/storage — 4GB LPDDR4X and 32GB eMMC flash in combo eMCP package; microSD slot.
  • Wireless:
    • 802.11b/g/n/ac 2×2 dual-band WiFi (Qualcomm WCN3990) with planned FCC/IC/CE certification
    • Bluetooth 5.x
    • Qualcomm GNSS (SDR660G) receiver with Qualcomm Location Suite Gen9 VT
    • U.FL antenna connectors for WiFi, BT, GNSS
  • Media I/O:
    • DisplayPort 1.4 via USB Type-C with USB data and power concurrency
    • MIPI DSI (4-lane) with I2C touch interface on flex cable connector for up to 1080p30
    • 2x MIPI-CSI (4-lane) with micro-camera module connectors
    • 2x analog mic I/Ps, speaker O/P, headset I/O
    • I2S/SLIMBus digital audio interface with 2x DMIC ports (via 76-pin expansion header)
  • Expansion — 76-pin header (multiple SPI, I2C, UART, GPIO, and sensor I/O; digital and analog audio I/O, LED flash O/P, haptic O/P, power output rails)
  • Other features — 3x LEDs; 4x mounting holes; optional dev kit with quick start guide, docs, SW updates
  • Operating temperature — -25 to 60°C
  • Power — 5-15V DC jack and support for user-supplied Li-Ion battery with USB Type-C charging; PM670 + PM670L PMIC; 12V supply with dev kit
  • Dimensions — 68 x 50 x 13mm
  • Operating system — Android 8.1 Oreo

Further information

The Open-Q 605 SBC is available for pre-order in the full Development Kit version, which costs $429 and ships in early December. The SBC will also be sold on its own at an undisclosed price. More information may be found in Intrinsyc’s Open-Q 605 announcement, as well as the product page and shopping page.


The Growing Significance Of DevOps For Data Science | Linux.com

DevOps involves infrastructure provisioning, configuration management, continuous integration and deployment, testing and monitoring. DevOps teams have been closely working with the development teams to manage the lifecycle of applications effectively.

Data science brings additional responsibilities to DevOps. Data engineering, a niche domain that deals with complex pipelines that transform the data, demands close collaboration of data science teams with DevOps. Operators are expected to provision highly available clusters of Apache Hadoop, Apache Kafka, Apache Spark and Apache Airflow that tackle data extraction and transformation. Data engineers acquire data from a variety of sources before leveraging Big Data clusters and complex pipelines for transforming it.


Is your startup built on open source? 9 tips for getting started

When I started Gluu in 2009, I had no idea how difficult it would be to start an open source software company. Using the open source development methodology seemed like a good idea, especially for infrastructure software based on protocols defined by open standards. By nature, entrepreneurs are optimistic—we underestimate the difficulty of starting a business. However, Gluu was my fourth business, so I thought I knew what I was in for. But I was in for a surprise!

Every business is unique. One of the challenges of serial entrepreneurship is that a truth that was core to the success of a previous business may be incorrect in your next business. Building a business around open source forced me to change my plan. How to find the right team members, how to price our offering, how to market our product—all of these aspects of starting a business (and more) were impacted by the open source mission and required an adjustment from my previous experience.

A few years ago, we started to question whether Gluu was pursuing the right business model. The business was growing, but not as fast as we would have liked.

One of the things we did at Gluu was to prepare a “business model canvas,” an approach detailed in the book Business Model Generation: A Handbook for Visionaries, Game Changers, and Challengers by Yves Pigneur and Alexander Osterwalder. This is a thought-provoking exercise for any business at any stage. It helped us consider our business more holistically. A business is more than a stream of revenue. You need to think about how you segment the market, how to interact with customers, what are your sales channels, what are your key activities, what is your value proposition, what are your expenses, partnerships, and key resources. We’ve done this a few times over the years because a business model naturally evolves over time.

In 2016, I started to wonder how other open source businesses were structuring their business models. Business Model Generation talks about three types of companies: product innovation, customer relationship, and infrastructure.

  • Product innovation companies are first to market with new products and can get a lot of market share because they are first.
  • Customer relationship companies have a wider offering and need to get “wallet share” not market share.
  • Infrastructure companies are very scalable but need established operating procedures and lots of capital.

It’s hard to figure out what models and types of business other open source software companies are pursuing by just looking at their website. And most open source companies are private—so there are no SEC filings to examine.

To find out more, I went to the web. I found a great talk from Mike Olson, Founder and Chief Strategy Officer at Cloudera, about open source business models. It was recorded as part of a Stanford business lecture series. I wanted more of these kinds of talks! But I couldn’t find any. That’s when I got the idea to start a podcast where I interview founders of open source companies and ask them to describe what business model they are pursuing.

In 2018, this idea became a reality when we started a podcast called Open Source Underdogs. So far, we have recorded nine episodes. There is a lot of great content in all the episodes, but I thought it would be fun to share one piece of advice from each.

Advice from 9 open source businesses

Peter Wang, CTO of Anaconda: “Investors coming in to help put more gas in your gas tank want to understand what road you’re on and how far you want to go. If you can’t communicate to investors on a basis that they understand about your business model and revenue model, then you have no business asking them for their money. Don’t get mad at them!”

Jim Thompson, Founder of Netgate: “Businesses survive at the whim of their customers. Solving customer problems and providing value to the business is literally why you have a business!”

Michael Howard, CEO of MariaDB: “My advice to open source software startups? It depends what part of the stack you’re in. If you’re infrastructure, you have no choice but to be open source.”

Ian Tien, CEO of Mattermost: “You want to build something that people love. So start with roles that open source can play in your vision for the product, the distribution model, the community you want to build, and the business you want to build.”

Mike Olson, Founder and Chief Strategy Officer at Cloudera: “A business model is a complex construct. Open source is a really important component of strategic thinking. It’s a great distributed development model. It’s a genius, low-cost distribution model—and those have a bunch of advantages. But you need to think about how you’re going to get paid.”

Elliot Horowitz, Founder of MongoDB: “The most important thing, whether it’s open source or not open source, is to get incredibly close to your users.”

Tom Hatch, CEO of SaltStack: “Being able to build an internal culture and a management mindset that deals with open source, and profits from open source, and functions in a stable and responsible way with regard to open source is one of the big challenges you’re going to face. It’s one thing to make a piece of open source software and get people to use it. It’s another to build a company on top of that open source.”

Matt Mullenweg, CEO of Automattic: “Open source businesses aren’t that different from normal businesses. A mistake that we made, that others can avoid, is not incorporating the best leaders and team members in functions like marketing and sales.”

Gabriel Engel, CEO of RocketChat: “Moving from a five-person company, where you are the center of the company, and it’s easy to know what everyone is doing, and everyone relies on you for decisions, to a 40-person company—that transition is harder than expected.”

What we’ve learned

After recording these podcasts, we’ve tweaked Gluu’s business model a little. It’s become clearer that we need to embrace open core—we’ve been over-reliant on support revenue. It’s a direction we had been going, but listening to our podcast’s guests supported our decision.

We have many new episodes lined up for 2018 and 2019, including conversations with the founders of Liferay, Couchbase, TimescaleDB, Canonical, Redis, and more, who are sure to offer even more great insights about the open source software business. You can find all the podcast episodes by searching for “Open Source Underdogs” on iTunes and Google podcasts or by visiting our website. We want to hear your opinions and ideas you have to help us improve the podcast, so after you listen, please leave us a review.


The Linux desktop: With great success comes great failure

Stop me if you’ve heard this one before: <yyyy> will be the year of the Linux desktop. Even in Linux circles this is greeted with eye-rolling. Here’s the funny thing, though: Linux long ago won the hearts and minds of end users, even while the Linux desktop continues to spin its wheels.

How can that be?

The paradox is easily explained. But as for Linux’s failure to capture desktop hearts and minds, that’s a complicated story. I’ll lay it out for you.

First, the paradox: According to the latest Annenberg Surveying the Digital Future report, the average American now spends 24 hours a week online. Meanwhile, Kleiner Perkins partner Mary Meeker’s 2018 Internet Trends Report shows the average adult in 2017 spending 5.9 hours a day watching or listening to digital media.

And what do roughly 95.6% of all websites run on? With the exception of Microsoft sites, the answer is Linux. Facebook? Linux. Google? Linux. Yahoo? Linux. Netflix? Linux. I can go on and on. You may use Windows on your desktop, but it’s effectively just a front end to Linux-based services and data. You might as well be using a Chromebook (running on Linux-based Chrome OS, by the way).

But as a matter of fact, Windows is no longer the top end-user operating system. Oh yes, it does still dominate the desktop, but the desktop hasn’t been king of the end-user hill for some time. By StatCounter’s reckoning, the most popular end-user operating system as of September 2018, with 40.85% market share, was — drum roll, please — Android. Which — guess what — is based on Linux.

So, in several senses, Linux has been the top end-user operating system for some time.

But not on the desktop, where Windows still reigns.

Why? There are many reasons.

Back when desktop Linux got its start, Microsoft kept it a niche operating system by using strong-arm tactics with PC vendors. For instance, when Linux-powered netbooks gave Microsoft serious competition on low-end laptops in the late ’00s, Microsoft dug XP Home up from the graveyard to stop it in its tracks.

But Microsoft’s avid competitiveness is only part of the story. In fact, Microsoft has gotten quite chummy with Linux lately. It’s fair to say that it’s no longer trying to stop the Linux desktop from gaining ground.

No, what has done more than Microsoft to keep the Linux desktop down is the Linux community.

First, while the major Linux companies — Canonical, Red Hat and SUSE — all support Linux desktops, they all decided early on that the big money was to be made with servers (and nowadays with containers and the cloud). The biggest Linux players determined that the Linux desktop was a small market — and then they did very little to change that.

But there’s more to it than that. The Linux desktop has also been plagued by fragmentation. There is no one Linux desktop; there are dozens, and they are not at all alike. There’s the Debian Linux family, which includes Ubuntu and Mint; the Red Hat team, with Fedora and CentOS; Arch Linux; Manjaro Linux; and numerous others.

And then there are the desktop interfaces. Personally, as a dedicated Linux desktop user for decades, I love that I have a choice between GNOME, KDE Plasma, Cinnamon, Xfce, MATE, etc. for my desktop interface. But most people just find it confusing.

All of that just scratches the surface. There are also numerous incompatible package managers: Debian Package Management System (DPKG), Red Hat Package Manager (RPM), Pacman, Zypper, and many others.

You’d think everyone would learn to play well with one another. Nope. Not happening. The fragmentation just keeps getting worse, it seems. For example, the next generation of program installers will use a container-based approach. Do we have a single standard for that? Ha! Ubuntu has Snap, Red Hat has Flatpak, and never the twain shall meet.

All this is as confusing as can be to newcomers. Heck, it’s confusing even to Linus Torvalds’ diving buddy, VMware Chief Open Source Officer Dirk Hohndel, who wrote, “The current situation with dozens of distributions, each with different rules, each with different versions of different libraries, some with certain libraries missing, each with different packaging tools and packaging formats … that basically tells app developers ‘go away, focus on platforms that care about applications.’”

So, yes, 2019 will be the year of Linux end users who don’t know they’re Linux end users. But, “the” Linux desktop as a mass-market alternative to Windows? No, that’s not ever going to happen, not as long as Linux developers can’t play on the same page.

I’ll continue being a Linux desktop user. For me, as a power user’s power user, it’s the best of all operating systems. But for most people, Linux will never be a drop-in replacement for macOS or Windows.


Virtualizing the Clock | Linux.com

Dmitry Safonov wanted to implement a namespace for time information. The twisted and bizarre thing about virtual machines is that they get more virtual all the time. There’s always some new element of the host system that can be given its own namespace and enter the realm of the virtual machine. But as that process rolls forward, virtual systems have to share aspects of themselves with other virtual systems and the host system itself—for example, the date and time.

Dmitry’s idea is that users should be able to set the day and time on their virtual systems, without worrying about other systems being given the same day and time. This is actually useful, beyond the desire to live in the past or future. Being able to set the time in a container is apparently one of the crucial elements of being able to migrate containers from one physical host to another, as Dmitry pointed out in his post.

Read more at Linux Journal


Linux Today – Installing Vundle: The Plugin Manager For Vim

Nov 12, 2018

This guide walks step by step through installing and configuring Vundle (Vim Bundle) from GitHub, and through the issues you may face while installing it. As many of you may know, Vim is a console-based text editor with numerous advanced features. One such feature is that its functionality can be extended and customized with plugins written by other people. Managing these plugins, however, can be rather tedious. Vundle helps by managing these plugins for you through a single interface.
