Category Archives: Linux

Today is “World Backup Day”

If you have an electronic device (computer, phone, tablet), chances are that it can be backed up. Today, World Backup Day, serves as a reminder that you should be backing up those devices on a routine basis.

Backing up your data means making a second (and a third copy is recommended) of all of the data on your device. The 3-2-1 strategy is best – always three copies of your data, data stored on two different media, and one copy off-site.

You should backup because loosing data is not as uncommon as you might think. Devices can be lost or stolen. Or they may simply suffer a hardware failure. Increasingly too there is the threat of the data on your device being held for ransom.

Start a habit today of making routine backups. You can even go to the World Backup Day website and take the pledge to back up your data.

DON’T Plug in Just Any USB Drive!

Unknown

We have been aware of the threat of USB devices with auto-run malware for some time. More recently a worse device has surfaced, a USB Killer. This sounds like some fictional device you would see in a movie, but it is real.

This looks like any other USB drive, but the hardware is such that seconds after inserting it into a USB port, a disabling charge will be delivered. The USB Killer device charges up an internal capacitor from the 5V power supplied by the USB port. Once the charge reaches a high level (more than 200 volts) the capacitor is discharged back into the port. This process is repeated for as long as the device receives power. The power surge is fatal for most systems. The USB Killer device can then be unplugged and used again and again.

Not only have these devices been designed and tested, you can order one on-line from a Hong Kong company for less than $60. The product is advertised to “test USB ports for vulnerability”. Now at $60 each someone isn’t going to be buying and spreading the devices around, but it is cheap enough that someone up to no-good could purchase and then fry several several devices. How often do you see a laptop left unattended for a few minutes in a cafe?

The manufacturer claims “Our tests reveal that more than 95% of all devices using USB ports will be damaged permanently or completely destroyed by a USB power surge attack.” They do go on to say that “To date [August 16, 2016], the only hardware that resisted … tests was the latest model Macbooks ­which optically isolate the data lines on the USB ports.

If the evil doer is more creative, they can build their own device. I found one YouTube video where a $3 USB device was purchased on-line then modified to deliver a killing charge. Explicit “how to” instructions were given on how to weaponize the device.

What makes this scary and dangerous is that a recent study conducted by the University of Illinois, Urbana-Champaign, the University of Michigan and Google indicated that ‘found’ USB drives are often plugged into a computer. In this particular test 297 devices were spread around the University of Illinois, Urbana-Champaign campus. The result was that they found “that users pick up and connect an estimated 45%–98% of the drives we dropped.

Keep in mind that these USB Killer devices can affect any system with a USB port – computers, TVs, entertainment systems, autos, etc.

How do you protect yourself? If you find a USB drive do not plug it in!


See my other cyber security articles


 

macOD -MacHTTP.js

Product AnnouncementMacHTTP.Org of Leesburg, Virginia has released MacHTTP-js Preview for macOS, a full-featured Web server for 21st century desktops and servers. MacHTTP-js is a modern take on the classic stand-alone, desktop computer Web server plus a whole lot more, using current state-of-the-art technology while derived from the core ideas that went into the creation of the original Mac Web server, MacHTTP.

MacHTTP-js eliminates the need to understand arcane command line tools or to be an expert in deploying Linux-based servers. Instead, it returns to its roots as a double-clickable application with a friendly user interface allowing anyone technical enough to operate a text editor to set up a web server or create compelling Web applications on their desktop which can be migrated to public servers.

Implemented with modern technologies like node.js, Express.js, and Electron, MacHTTP-js is designed for upcoming versions to run on multiple different operating systems and computers, from Macs running macOS to Windows 10, various flavors of Linux (Ubuntu, Debian, RHEL, etc.), and even Raspberry Pis running Raspbian or container-based systems like Docker. These other versions will be released as part of the final release of MacHTTP-js, coming soon. This software is a Free Opens Source Software (FOSS) project.

The Preview version of MacHTTP-js runs on any version of macOS that is actively supported by Apple. For more information on MacHTTP-js, or to download the fully functional MacHTTP-js Preview version on macOS, free of charge, visit their web site.

macOS – OnlyOffice 4.1.1

Product Announcement – Ascensio System SIA of Riga, Latvia, the developer of IT solutions for business, today is pleased to announce that they have opened the source code of its ONLYOFFICE Desktop Editors, presenting a free and open source alternative to Microsoft Office for Mac OS. ONLYOFFICE Desktop Editors is an office suite that combines text, spreadsheet and presentation editors, allowing anyone to create, view and edit documents offline. Being fully compatible with MS Office, the editors support all the popular document formats, including ODF.

The application features all types of formatting options and allows users to edit complex documents as well as easily switch to online mode and collaborate on documents with colleagues or teammates. The collaborating features include real-time co-editing in two modes, reviewing and tracking changes, commenting, built-in chat. The editors also support connecting third-party plugins. Developers can use these plugins to add specific functions they need to the editors.

System Requirements:

  • Mac OS 10.10 or higher
  • Windows (both 64-bit and 32-bit)
  • Linux also supported
  • 193 MB

ONLYOFFICE 4.1.1 is now free and available worldwide. The office suite is available under AGPL license v3. This means you’re able to download and use ONLYOFFICE Desktop Editors without any restrictions. The application can be downloaded from the official website, the source code is now available on GitHub.

RIP Dennis Ritchie

dr

I read today (“Dennis Ritchie, Father of C and Co-Developer of Unix, Dies“) that Dennis Ritchie had died. As anyone familiar with computer science knows he made huge contributions to the advancement of computing. He was the creator of my favorite (and still widely used) programming language C. He was also a key contributor to the development of the Unix Operating System. From Unix were derived Linux and macOS, both of which are widely used today alongside Unix.

He will be missed!

Another Source of Tech Information

screen-shot-2016-10-02-at-1-45-23-pm

I saw a article about How-To Geek, an online tech magazine, and thought that it might be something of interest to my readers.  It includes articles targeted at both the technical and general readers.

The site was founded in 2006. Articles are divided into the categories of Windows, Linux, Office, Gadgets, Mobile, Hardware, Apple, and Geek School. This might be a good addition to your ‘tech’ leisure reading.

I have subscribed to their RSS feed so that I get all of their articles in my RSS reader (I use the FOSS program Vienna).

CLI – rsync

The rsync command is a utility common to Linux, Unix, BSD and macOS. Versions of rsync are now available on Windows systems as well.

This command is used to synchronize files and directories. This can be done between locally attached storage, or between two different network connected systems. Design of the rsync algorithm minimizes the network usage, while still maintaining file synchronization.

The rsync daemon can be run on a machine to allow other remote machines to copy file to or from it. The rsync command requires arguments indicating the source and destination locations.

There are many different command line options available to rsync. The general format is: rsync options source destination

One of the nice features of rsync is that it only copies files that have changed since the last time they were transferred. Check the reference list at the bottom of this article for suggestions of the best set for your application. Some of the simplest are:

  • rsync -avh /home/usr/dir/ /media/disk/backup/
    – this copies everything in the directory /home/usr/dir/ to /media/disk/backup/
  • rsync -avh –delete /home/user/dir/ /media/disk/backup – does the same as above except that files deleted from /home/user/dir/ will also be deleted from /media/disk/backup
  • rsync –progress -avh /home/usr/dir/ /media/disk/backup/ – does the same as the first example, but show how much of the copy is remaining

When I run rsync -h on my macOS 10.11.6 system I get the following list of options:

rsync is a file transfer program capable of efficient remote update
 via a fast differencing algorithm.

Usage: rsync [OPTION]... SRC [SRC]... DEST
 or   rsync [OPTION]... SRC [SRC]... [USER@]HOST:DEST
 or   rsync [OPTION]... SRC [SRC]... [USER@]HOST::DEST
 or   rsync [OPTION]... SRC [SRC]... rsync://[USER@]HOST[:PORT]/DEST
 or   rsync [OPTION]... [USER@]HOST:SRC [DEST]
 or   rsync [OPTION]... [USER@]HOST::SRC [DEST]
 or   rsync [OPTION]... rsync://[USER@]HOST[:PORT]/SRC [DEST]

The ':' usages connect via remote shell, while '::' & 'rsync://' usages connect to an rsync daemon, and require SRC or DEST to start with a module name.

Options

-v, --verbose               increase verbosity
 -q, --quiet                 suppress non-error messages
 --no-motd               suppress daemon-mode MOTD (see manpage caveat)
 -c, --checksum              skip based on checksum, not mod-time & size
 -a, --archive               archive mode; same as -rlptgoD (no -H)
 --no-OPTION             turn off an implied OPTION (e.g. --no-D)
 -r, --recursive             recurse into directories
 -R, --relative              use relative path names
 --no-implied-dirs       don't send implied dirs with --relative
 -b, --backup                make backups (see --suffix & --backup-dir)
 --backup-dir=DIR        make backups into hierarchy based in DIR
 --suffix=SUFFIX         set backup suffix (default ~ w/o --backup-dir)
 -u, --update                skip files that are newer on the receiver
 --inplace               update destination files in-place (SEE MAN PAGE)
 --append                append data onto shorter files
 -d, --dirs                  transfer directories without recursing
 -l, --links                 copy symlinks as symlinks
 -L, --copy-links            transform symlink into referent file/dir
 --copy-unsafe-links     only "unsafe" symlinks are transformed
 --safe-links            ignore symlinks that point outside the source tree
 -k, --copy-dirlinks         transform symlink to a dir into referent dir
 -K, --keep-dirlinks         treat symlinked dir on receiver as dir
 -H, --hard-links            preserve hard links
 -p, --perms                 preserve permissions
 --executability         preserve the file's executability
 --chmod=CHMOD           affect file and/or directory permissions
 -o, --owner                 preserve owner (super-user only)
 -g, --group                 preserve group
 --devices               preserve device files (super-user only)
 --specials              preserve special files
 -D                          same as --devices --specials
 -t, --times                 preserve times
 -O, --omit-dir-times        omit directories when preserving times
 --super                 receiver attempts super-user activities
 -S, --sparse                handle sparse files efficiently
 -n, --dry-run               show what would have been transferred
 -W, --whole-file            copy files whole (without rsync algorithm)
 -x, --one-file-system       don't cross filesystem boundaries
 -B, --block-size=SIZE       force a fixed checksum block-size
 -e, --rsh=COMMAND           specify the remote shell to use
 --rsync-path=PROGRAM    specify the rsync to run on the remote machine
 --existing              skip creating new files on receiver
 --ignore-existing       skip updating files that already exist on receiver
 --remove-source-files   sender removes synchronized files (non-dirs)
 --del                   an alias for --delete-during
 --delete                delete extraneous files from destination dirs
 --delete-before         receiver deletes before transfer (default)
 --delete-during         receiver deletes during transfer, not before
 --delete-after          receiver deletes after transfer, not before
 --delete-excluded       also delete excluded files from destination dirs
 --ignore-errors         delete even if there are I/O errors
 --force                 force deletion of directories even if not empty
 --max-delete=NUM        don't delete more than NUM files
 --max-size=SIZE         don't transfer any file larger than SIZE
 --min-size=SIZE         don't transfer any file smaller than SIZ
 --partial               keep partially transferred files
 --partial-dir=DIR       put a partially transferred file into DIR
 --delay-updates         put all updated files into place at transfer's end
 -m, --prune-empty-dirs      prune empty directory chains from the file-list
 --numeric-ids           don't map uid/gid values by user/group name
 --timeout=TIME          set I/O timeout in seconds
 -I, --ignore-times          don't skip files that match in size and mod-time
 --size-only             skip files that match in size
 --modify-window=NUM     compare mod-times with reduced accuracy
 -T, --temp-dir=DIR          create temporary files in directory DIR
 -y, --fuzzy                 find similar file for basis if no dest file
 --compare-dest=DIR      also compare destination files relative to DIR
 --copy-dest=DIR         ... and include copies of unchanged files
 --link-dest=DIR         hardlink to files in DIR when unchanged
 -z, --compress              compress file data during the transfe
 --compress-level=NUM    explicitly set compression level
 -C, --cvs-exclude           auto-ignore files the same way CVS does
 -f, --filter=RULE           add a file-filtering RULE
 -F                          same as --filter='dir-merge /.rsync-filter'
 repeated: --filter='- .rsync-filter'
 --exclude=PATTERN       exclude files matching PATTERN
 --exclude-from=FILE     read exclude patterns from FILE
 --include=PATTERN       don't exclude files matching PATTERN
 --include-from=FILE     read include patterns from FILE
 --files-from=FILE       read list of source-file names from FILE
 -0, --from0                 all *-from/filter files are delimited by 0s
 --address=ADDRESS       bind address for outgoing socket to daemon
 --port=PORT             specify double-colon alternate port number
 --sockopts=OPTIONS      specify custom TCP options
 --blocking-io           use blocking I/O for the remote shell
 --stats                 give some file-transfer stats
 -8, --8-bit-output          leave high-bit chars unescaped in output
 -h, --human-readable        output numbers in a human-readable format
 --progress              show progress during transfer
 -P                          same as --partial --progress
 -i, --itemize-changes       output a change-summary for all updates
 --out-format=FORMAT     output updates using the specified FORMAT
 --log-file=FILE         log what we're doing to the specified FILE
 --log-file-format=FMT   log updates using the specified FMT
 --password-file=FILE    read password from FILE
 --list-only             list the files instead of copying them
 --bwlimit=KBPS          limit I/O bandwidth; KBytes per second
 --write-batch=FILE      write a batched update to FILE
 --only-write-batch=FILE like --write-batch but w/o updating destination
 --read-batch=FILE       read a batched update from FILE
 --protocol=NUM          force an older protocol version to be used
 -E, --extended-attributes   copy extended attributes
 --cache                 disable fcntl(F_NOCACHE)
 -4, --ipv4                  prefer IPv4
 -6, --ipv6                  prefer IPv6
 --version               print version number
 (-h) --help                  show this help (-h works with no other options)

References:

  1. How to Backup Linux? 15 rsync Command Examples
  2. Do-It-Yourself Backup System Using Rsync
  3. Back up like an expert with rsync

See my other Command Line articles


 

Happy SysAdminDay!

hqdefault

Today, July 29, is the 17th internationally recognized day to recognize computer and network System AdministratorsSysAdminDay. The last 20 years or so of my career was spent as a Unix/Linux Sys Admin, so I like to promote this day.

Just remember that the Sys Admins are those folks behind the scenes that keep your computer network secure and your servers up and running. Usually all they hear are complaints when a system goes down. Their many long hours, often in the middle of the night and on weekends, is what keeps everything working properly.

Please show your appreciation today for any Sys Admins that you know.