Category: Debian

PDF/A: Setup Linux CUPS to Print Archive PDF/A

If you have a Office and you have to archive Documents and Prints over Years you should have heard that there is a special PDF Type called PDF/A which is set as default Archiving PDF File Type for decades. To use it you can use the Linux Print Server called CUPS to translate all digital Prints to PDF/A. This free Software Printer is known on all Linux Releases, and he can listen on USB and Network Interfaces on Documents. Also you can use Network Printers/Scanners like the Brother MFC-Series to Scan Documents and later to print them virtual as PDF/A […]

Linux: Bash Script Time Saver Session Timer

If you use daily the Internet you know how fast the Time passes. The Internet Research can grab a lot of time without that you feel it. Thats wasted time! For saving Time on Linux you display a Timer Message on the User Screen after some Time, which let you remark that XX Minutes are gone. The Linux Tool who can offer this is called “gxmessage” Howto: Install gxmessage if not installed with $sudo apt-get install gxmessage open the root Crontab with $crontab -e Enter this code (Username = User!): */10 * * * *    sudo -u username DISPLAY=:0.0 […]

Apache: Analyse Logs Spam Bots

If you admin a Apache Webserver, you see often weekly thousand of visits a day on your Blogs. Background: These are no real users, this visits are made by Spam Bots in my Logs like Xovi.de or xovibot.net Bots! On info pages this Company says Admins should disallow crawl by robots.txt, but they IGNORE the settings! This x-guys is in my opinion against German Law “Datenschutz”. "Mozilla/5.0 (compatible; XoviBot/2.0; +http://www.xovibot.net/)" Solution: On Linux Setup a Firewall like ufw and block these IP Ranges To find out the IPs do: $sudo cat /var/log/apache2/access.log|grep xovibot.net| awk '{ print $2 }' | sort | […]

Rsync: Performance NFS Boost

If you use two Linux Servers with NFS Shares connect over Gigabit Interfaces for Backups, you perhaps remark performance problems on using rsync. It does often pause transmissions or reach only a rate of 32Mb/s. That’s bad and waste time and energy. Background: After some Tests of running Backups with single files and compressed big archives, the scans of my tools like iftop, systat, iptraf found out that the used Option “rsync -avz” was the bottle neck, cause the Data Rate break down at intervals. The “z” compress option was described on howtos as must have for slower networks did […]

Raspberry Pi: Resize Shrink SDCard Image Clone Backup Noobs

If you own a raspberry pi, in some cases it is useful to shrink the sdcard, cause you need often not more than 8/16GB. What do you need and how to solve shinking or extending the OS: Hardware you need: 2 empty SDCards (Source + Dest.) 2 SDCard Adaptors Micro-SD to SD Fullsize 2 SD-USB Card Readers, i use them for stable work, cause USB SDCard Readers on Laptops often fails (Shared Sources) 1 Laptop with Ubuntu CD inside the CD-Rom or installed ubuntu with gparted Howto: Plug the Cards into the Adaptors and into the Readers, connect to the […]

Amazon: Cloud Drive Sharing with NFS on Local Network as Photo Uploader Backup

Current the acd_cli tool for amazon drive mount offers no “fsid” (device /dev) point, that you cant export and share the amazon drive at your home local network. On the latest raspberry pi OS (jessie) you can use a small workaround to get a NFS Shared Amazon Cloud Backup Uploader (needs python3.4 !) install acd_cli tools, create the auth file (read) and  run $ sudo acd_cli mount /amazoncloud now create a second Folder /sendtoamazon install nfs-kernel-Server and share this Folder with NFS exports to your LAN on the raspberrypi you can use a cron “move” Job running every 10 Minutes: #crontab -e */10 * […]

Raspberry Pi: Raspian disadvantages of embedded OS

The last 12 month have been a “golden” time of the upcomming embedded linux devices, but the custom OS’s offers some problems, you should know for projects: embedded PC’s like the ARM based pi2 / pi3 uses a own compiled OS not every known debian package is available not all compile scripts to rebuild are available on git slow performance can let you run into unuseable problems (heat, load, I/O), correct written scripts run into freezes without any error made by you! you should take time for a closer look at buying them calc the costs of non-x86 systems, later […]

Security: Harden DSL Routers and Networks against attacks

Last days there was a high count of news about the Bot Attacks against T-Com Telekom Router devices. To understand the behavior about this up comming security problems you should know following points : Every network supported device can be a goal for a attack ( Routers, Modems, PC, Fridges,IP-TV, IP Switches, IP-Cams…) You have to update the OS for each device monthly, if not supported by the manufacter, then dont buy! Try to get Opensource Hardware with Opensource Software for full access (ssh / console) to have full control Reduce the count of devices who are connected direct to […]

Security: Webserver HTTPS with Self Signed Certificate Do it yourself in 5 Minutes!!

Today the Point of Security and encrypted Webserver Communication is rolling over every User who hosts own Websites on the Internet. Last decades HTTPS was only used by Online Login Pages like Shops and Banks to verify the Communication between a User PC and the Website. But after January 2015 the most Search Engines like google decides to force index of Websites with HTTPS Protocol. The Background is that a TLS encrypted Connection isn’t easy to track and to force “drive-by-load-Viruses” to the Website Visitors. But a lot of Webmasters of the Opensource Community were angry about this handling. Thats […]

Raspberry Pi: Howto build a Local Network Monitor for Intrusion Logging Watchdog

Today the count of network devices at home networks grows up weekly, cause more and more home devices like freezers, coffee engines, dishwasher and more got builtin wifi interfaces. To have a Control Unit you can use a raspberry pi2 as cheap Network Monitor Logger. The Raspian by default offers builtin free tools, like arp, arp-scan, nmap, ping to easy monitor a network. If you have learned some commands and the bash scripting you can fast create a Network Logger, perhaps with analyse tools to mail alerts if new “MAC” NIC Adresses are seen. Every network device uses a owned […]

Owncloud: Howto harden owncloud access with a ssh tunnel and squid

If you want to use a private secure owncloud (WebDAV Space Server) as Backup for all your devices you can harden the access thru a openssh Login with key auth and a squid as relay. Install apache2, php5, mysql-Server, openssh, squid3 config Apache2 to listen on https://localhost:443 setup squid3  and config the Proxy to listen only on localhost:3128 install owncloud to /var/WWW with forced “https” settings at the config.php create ssh-keys to auth with password protected key to the SSH Server If done, you can access the private Backup-Server via a Terminal/ Putty with the Tunneling Options $ssh -L 3128:localhost:3128 username@owncloudserver.home Open your Browser on your […]