Another reason to switch to Linux

Posted on January 19, 2010. Filed under: Computer Virus and Malware, Linux |

Over at, there is an article about a NY school district getting over 3 million stolen from them via a malware infection. I particularly liked the last sentence: “…the FBI and the American Bankers Association recently recommended that online banking be made from dedicated computers, preferably not using Windows.”


What will it take for Linux and Open Source to dethrone Microsoft?

Posted on January 3, 2010. Filed under: Linux, Open Source |

Will this be the year of Desktop Linux? I really doubt that. I think it will take a few corporate success stories about deploying Linux desktops to get the ball rolling. Let’s face it, most IT managers prefer to make safe decisions. Maybe you have heard the saying, “Nobody gets fired for using Microsoft products”? In the industry I work in, we compare the technology we use to everyone else when the yearly trade journal stats are released. Before you go flaming me over this, keep in mind that all of us answer to someone. If I want to use technology X, I have to sell it to the CIO, and he/she has to sell that to the Board or CEO. I don’t just go and do anything I want to, I must first present my plans and get approval, and be prepared to defend each step of my proposal. That’s just the way it is.

When I first started working for my current employer, I found that I wasn’t the first engineer that had worked there that was pro Linux and Open Source. At first they heard the word Linux and said “here we go again”. I found that I had to pick and choose my battles. If there was a Microsoft solution and a Linux solution, I had to present clear facts that Linux was the better choice, and why it was so. I found that “free” and “better quality” didn’t necessarily matter when you have a Microsoft Data Center License and can deploy a new server from a VMWare template with a GUI that everyone is already familiar with, and at no additional cost. My employer will frequently choose proprietary over free despite the cost if it is a “standard”, unless the open source solution clearly provides better functionality. If the average user would require retraining to use a different desktop O.S., or our existing applications aren’t compatible, it is like tethering a ship’s anchor to an airplane. It clearly isn’t going to fly.

We are currently in one of the best situations ever to think about moving to Linux on the desktop. With Windows XP’s end of life, many companies are already considering upgrading to Windows Vista or 7. The user interface has changed, and many existing applications aren’t compatible. I am currently reviewing a list of hundreds of applications for compatibility with Windows 7 to decide what will have to be upgraded or replaced.

What is missing or needs improvement on Linux from an I.T. perspective? Please forgive my ignorance if I left something out or overlooked a solution. I don’t know everything. That’s what your comments are for. 🙂

  1. A desktop management framework similar to or better than MS Active Directory and GPO’s.
  2. Easy to understand server management tools. In this economy, I.T. staff are increasingly being called on to be a jack of all trades. No time to become a Linux specialist for many overworked admins. I think that Webmin and E-Box are great steps in the right direction.
  3. Wine needs to offer professional grade support. With Windows 7, if your old application isn’t compatible, Microsoft’s Application Compatibility Toolkit can be used to create shims to get your app to work correctly. If your app isn’t already working under Wine, why can’t a team of support professionals charge for support to create a shim? Or better yet, if your new year’s resolution is to get involved with an open source project, this would be a good place to start. What specialized applications does your company use that may need work to function under Wine? Have you tested all of them to see if they work on Wine? Edit- While checking my sources I am happy to say I discovered that CodeWeavers offer paid support for Wine. Yippeeee!
  4. Don’t confuse your users with too many changes at once. Linux Distributions Mint, Easy Peasy, and Puppy do a great job of making things easy or familiar for most users.

What can be done to speed up adoption of open source systems?

  1. Volunteer your time. Even if you can’t program, if you have the time you can at least test and provide feedback to one of many great open source projects.
  2. Stop selling Linux. That is, configure a system that meets user needs and offer a free one month test drive. If you did a good job ensuring that the user’s application needs are met, the system is usable, and doesn’t force too many confusing changes on them at once, then chances are they won’t want to give it back. Let it sell itself.
  3. I think that there is a great opportunity for the Linux Desktop just waiting for someone with the right resources to snap this up. Most of the average business users I speak with just want a simple business computer system that just works, without too many confusing bells and whistles. Make the user interface simple, and the system responsive. Business users don’t necessarily want flashy systems with a gazillion ways of doing things, only to see the system lock up and crash. Give them a simple system that meets their needs so they can get the job done. The industry has been stuck in a downward spiral of increasing computing power only to subject users to increasing complexity and problems. Think along the lines of Easy Peasy and getting things done in the most efficient way possible. Business users typically want simplicity and efficiency. Build a system like this, and provide support. Market it only to businesses and make the support plan too good to pass up. Let them have a free one month test drive. Make your offering viral by giving discounts or a free month of service for referrals.

Before you unleash the flames, please keep in mind that criticism backed up with fact or references is welcome. Profanity, or trolls who say “you suck”, etc. without providing us with anything substantial will make it into my Spam folder. That being said, don’t look at this article as an attack on FOSS, but as a call to unify and think outside the box to speed up open source adoption.


Network Incident Response and Forensics with NST

Posted on January 2, 2010. Filed under: Computer Virus and Malware, Gateway Antivirus, Linux, Network Forensics, Network Incident Response |

A Systems Engineer’s job isn’t just designing systems, but to also be proactive and think about weaknesses in the system and prevent the next big outage.

One day at the office recently, I started hearing reports of the internet connection running very slowly. Our firewall shows us overall stats, but doesn’t do a good job of showing “Top Talkers”. Actually, that feature is completely missing from it.

I was looking for a quick way to implement a monitoring system to show me who was using up the bandwidth. I also saw a need for a network forensics system to troubleshoot everything from network latency, to stopping the spread of malware. I remembered that I stumbled upon the Network Security Toolkit a while back. I was planning on evaluating it but never got around to it until now. This minor problem was the perfect thing to present to management to hopefully convince them of a need for a network monitoring system. You know how difficult it can be to get funding for anything that doesn’t contribute to the bottom line. I always look for an opening to get my company to use open source software whenever possible. This was a great opportunity.

By the time I had downloaded and burned a disc with NST, the internet latency issue was already over. Still, I went ahead with my evaluation. For the sake of brevity, I am leaving out the steps I took to create a monitor, or SPAN port on the switch. Without a monitor port on your switch, you can’t see all network traffic, only that which is addressed to your IP or MAC address, or broadcasts.

The ISO image was over a gigabyte, so it had to be burned to DVD (it can be used from a bootable USB drive as well). I used a spare laptop to boot the disc, and chose the graphical desktop from the menu options. After startup, I attempted to access the UI at https://<ip or domain name>/nstwui. The page wasn’t found. I realized that there weren’t any interfaces available besides lo. I ran the command “ifup eth0” and got a DHCP IP address. I tried to access the URL again but didn’t get a response. I checked the service status and found that httpd wasn’t started. I ran the command “service httpd start” and got an ok response. I was then able to access the admin UI.

NST Boot Screen

After logging in, I took the time to fully explore the web interface. I have to admit I was very impressed. It isn’t newbie simple, but this was meant to be a network analyst’s toolkit, not a newbie system. After familiarizing myself with the menus, I started up ntop and browsed to the management URL. I was able to easily drill down to see who was using up the most bandwidth and which services were running on the target computer.

While thinking about what other network issues I could solve with NST, I realized that we need to be prepared for the next big virus or worm outbreak and run an Intrusion Detection System (IDS). Fortunately, Snort is installed on NST, and was a snap to set up, but I already had some experience with Snort to start with. I recommend you try out NST in advance and get familiar with the tools BEFORE you are acting in a state of emergency. If you plan on using Snort, be sure to research how to create your own rules before the need arises. For those not already familiar with Snort, it can double as a gateway antivirus appliance if you configure it “inline”.

Snort Setup

Network Security Toolkit has many other tools installed that can be controlled in the excellent but very busy web interface. A complete list of tools included can be found here.
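The two questions this post answers with NST, “who is the top talker on the SPAN port?” and “is one host fanning out to many peers like a worm would?”, can be checked by hand from a packet capture as well. The following is an added example, not code from NST, ntop or this post: it parses constructed tcpdump-style lines (no timestamps, `-n` numeric addresses, documentation IP ranges) and ranks hosts by bytes sent and by distinct destinations on one port.

```python
import re
from collections import defaultdict

# Constructed sample in "tcpdump -n" style (timestamps omitted), as seen on a
# switch SPAN/monitor port. Addresses are example ranges, not real hosts.
SAMPLE = """\
IP 10.0.0.5.51234 > 93.184.216.34.443: Flags [P.], seq 1:1461, ack 1, win 501, length 1460
IP 93.184.216.34.443 > 10.0.0.5.51234: Flags [.], ack 1461, win 64240, length 0
IP 10.0.0.7.40000 > 10.0.0.250.445: Flags [P.], seq 1:1461, ack 1, win 501, length 1460
IP 10.0.0.7.40001 > 10.0.0.251.445: Flags [P.], seq 1:1461, ack 1, win 501, length 1460
IP 10.0.0.7.40002 > 10.0.0.252.445: Flags [P.], seq 1:1461, ack 1, win 501, length 1460
IP 10.0.0.9.33000 > 203.0.113.10.80: Flags [P.], seq 1:101, ack 1, win 501, length 100
"""

# src.port > dst.port: ... length N   (N is the TCP payload length tcpdump prints)
LINE_RE = re.compile(
    r"^IP (?P<src>\d+(?:\.\d+){3})\.(?P<sport>\d+) > "
    r"(?P<dst>\d+(?:\.\d+){3})\.(?P<dport>\d+):.*\blength (?P<length>\d+)$"
)

def parse_lines(text):
    """Return (src, dst, dport, payload_bytes) tuples; non-matching lines are skipped."""
    records = []
    for line in text.splitlines():
        m = LINE_RE.match(line.strip())
        if m:
            records.append((m["src"], m["dst"], int(m["dport"]), int(m["length"])))
    return records

def top_talkers(records, n=3):
    """Hosts ranked by payload bytes sent; ties broken by address for stable output."""
    sent = defaultdict(int)
    for src, _dst, _dport, length in records:
        sent[src] += length
    return sorted(sent.items(), key=lambda kv: (-kv[1], kv[0]))[:n]

def fan_out(records, port):
    """Distinct destinations each source contacted on one port. One host opening the
    same service on many peers is the trace a spreading worm leaves, and a good
    trigger for a closer look with ntop or the IDS."""
    peers = defaultdict(set)
    for src, dst, dport, _length in records:
        if dport == port:
            peers[src].add(dst)
    return {src: len(dsts) for src, dsts in peers.items()}

if __name__ == "__main__":
    recs = parse_lines(SAMPLE)
    for host, nbytes in top_talkers(recs):
        print(f"{host:16} {nbytes:>6} bytes sent")
    for host, count in sorted(fan_out(recs, 445).items()):
        print(f"{host:16} contacted {count} hosts on tcp/445")
```

On a real monitor port, feed it `tcpdump -n -i eth0 tcp` output with the timestamp column stripped; the same aggregation is what ntop’s host view shows interactively.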


Switching to Linux with Puppy

Posted on January 1, 2010. Filed under: Computer Virus and Malware, Linux, Low Cost or Free |

Do you need a trusted online banking environment that you can be sure is free of malware? Or maybe you are just tired of buying Windows, antivirus software, and still having to pay someone to remove viruses? Have you ever thought about switching to Linux?

Typically the Linux operating system has been considered an O.S. for computer geeks and hackers. When your Linux distribution of choice just happens to recognize all of your hardware, it really is nice. If you have to tweak your settings to get a plugin or driver to work, it can be a real headache.

I have used Puppy Linux for about two years, mainly for data recovery. When nothing else works to recover data off of a corrupted hard drive, I know that I can use Puppy to copy files to USB drives with ease. That has been my secret weapon for data recovery.

I have been using the same Puppy CD-ROM disk for quite a long time. It met my needs so I didn’t see the need to try the latest version. Lately a coworker needed to borrow my disk, but I had left it at home. He downloaded and burned the latest version. When I took a look, the latest Puppy version (4.2) looked very polished. After trying it myself, the main thing that stood out was that the menus and program names are arranged by verb instead of program name. This makes it perfect for a first time Linux user. You don’t have to look for a program to play a video and wonder what the names of each program mean. When you click on the start menu, the programs are named similar to “Play Video”, or “Browse the Web”, or “Read Email”.

Puppy can be run directly from the CD or installed to hard drive quickly and easily. Just boot off of the CD to try it out and see if it recognizes your computer hardware. If you like it, you can continue to run it off of the CD or install it. If you continue to run off of CD, it will save your data to USB drives or hard disk. Each time you reboot, your operating system is refreshed but your files are still there. Basically any changes, such as a virus infection, are wiped out, that is if you even have to worry about a virus infection in the first place since this is rarely seen on Linux.

If you would like to be sure that you are doing online banking from a clean system, just run your operating system of choice (Windows/Linux/Mac) every day and boot from the Puppy CD before going to your banking site. This is a great way to prevent malware keyloggers from stealing your banking credentials.

