Archive for March 30, 2008

My Idea For How to Improve Ubuntu

For those not aware, Canonical now has a voting system set up for submitting your own ideas on how to improve Ubuntu, called Ubuntu Brainstorm. This is similar to the Dell IdeaStorm site that established Ubuntu as a distribution that Dell Computer needed to include purchase options for. Anyway, I have submitted an idea for community review and will include a link on the sidebar of this blog for your review.

My suggestion is providing a portal with tips, tricks, and directions for new and interested users. The idea may need some further documentation and thought, but I already have 64 votes as of this post. Feel free to check it out, and if you are at all interested, please consider voting for this idea.

I’ve finally found a decent IDS

Linc Fessenden from the Linux Link Tech Show mentioned OSSEC a few weeks ago and recommended everyone check it out. According to the project’s about page:

OSSEC is a scalable, multi-platform, open source Host-based Intrusion Detection System (HIDS). It has a powerful correlation and analysis engine, integrating log analysis, file integrity checking, Windows registry monitoring, centralized policy enforcement, rootkit detection, real-time alerting and active response.

It runs on most operating systems, including Linux, OpenBSD, FreeBSD, MacOS, Solaris and Windows. A list with all supported platforms is available here.

After testing it out on several of my machines, I can officially say it’s exactly what I was looking for in an IDS: something lightweight, cross-platform, and well documented. My setup involved installing it as a local instance on every machine, rather than the centralized config. Viewing the logs for every machine in one place doesn’t really appeal to me. I just need something that will nag me and say, “Hey, Dummy! You misconfigured that install you attempted at 3am. Fix it!” The added benefit of receiving the alerts offsite is that the existing records are stored in my Gmail. Even if someone did manage to root a computer, the logs wouldn’t be on the box and the creator of the kit wouldn’t be able to bury his/her tracks.

My hope is to test the centralized configuration in the future, but for the moment there is no benefit.

This is absolutely what I was looking for in intrusion detection. Go check OSSEC out when you get a chance.

Websites as Graphs

I’ve been to this site before, but someone reminded me of it this morning. Aharef is a JavaScript that creates a graphical representation of a website. Is there any purpose to it? Of course not, it’s just cool.

http://www.aharef.info/static/htmlgraph/

Here’s what itadmins.org looks like: