Sandra Henry-Stocker

Author Archives: Sandra Henry-Stocker

Printing from the Linux command line

Printing from the Linux command line is easy. You use the lp command to request a print, and lpq to see what print jobs are in the queue, but things get a little more complicated when you want to print double-sided or use portrait mode. And there are lots of other things you might want to do — such as printing multiple copies of a document or canceling a print job. Let's check out some options for getting your printouts to look just the way you want them to when you're printing from the command line.Displaying printer settings To view your printer settings from the command line, use the lpoptions command. The output should look something like this:To read this article in full, please click here

How to configure a static IP address on Linux

IP addresses on Linux systems are often assigned automatically by Dynamic Host Configuration Protocol (DHCP) servers. These are referred to as "dynamic addresses" and may change any time the system is rebooted. When a system is a server or will be remotely administered, however, it is generally more convenient for these systems to have static addresses, providing stable and consistent connections with users and applications.Fortunately, the steps required to change a Linux system's IP address from dynamic to static are fairly easy, though they will be a little different depending on the distribution you are using. In this post, we'll look at how this task is managed on both Red Hat (RHEL) and Ubuntu systems.To read this article in full, please click here

Cryptocurrency miners exploit Docker flaw

According to Imperva research, a container flaw reported last month (CVE-2019-5736) in Docker's remote API has already been taken advantage of by hundreds of attackers.Imperva claims that they were able to locate 3,822 Docker hosts with the remote API (port 2735) publicly exposed. Of these, approximately 400 were accessible, and most of these were running a cryptocurrency miner for a lesser-known form of cryptocurrency called Monero. [ Two-Minute Linux Tips: Learn how to master a host of Linux commands in these 2-minute video tutorials ] Monero (ticker symbol XMR) is an open-source cryptocurrency that was created in April 2014. It focuses on fungibility (individual units are essentially interchangeable), privacy, and decentralization. It also takes advantage of an obfuscated public ledger. That means anyone can broadcast or send transactions, but outside observers cannot tell the source, amount, or destination of the funds.To read this article in full, please click here

Cryptocurrency miners exploit Docker flaw

According to Imperva research, a container flaw reported last month (CVE-2019-5736) in Docker's remote API has already been taken advantage of by hundreds of attackers.Imperva claims that they were able to locate 3,822 Docker hosts with the remote API (port 2735) publicly exposed. Of these, approximately 400 were accessible, and most of these were running a cryptocurrency miner for a lesser-known form of cryptocurrency called Monero. [ Two-Minute Linux Tips: Learn how to master a host of Linux commands in these 2-minute video tutorials ] Monero (ticker symbol XMR) is an open-source cryptocurrency that was created in April 2014. It focuses on fungibility (individual units are essentially interchangeable), privacy, and decentralization. It also takes advantage of an obfuscated public ledger. That means anyone can broadcast or send transactions, but outside observers cannot tell the source, amount, or destination of the funds.To read this article in full, please click here

Linux security: Cmd provides visibility, control over user activity

There's a new Linux security tool you should be aware of — Cmd (pronounced "see em dee") dramatically modifies the kind of control that can be exercised over Linux users. It reaches way beyond the traditional configuration of user privileges and takes an active role in monitoring and controlling the commands that users are able to run on Linux systems.Provided by a company of the same name, Cmd focuses on cloud usage. Given the increasing number of applications being migrated into cloud environments that rely on Linux, gaps in the available tools make it difficult to adequately enforce required security. However, Cmd can also be used to manage and protect on-premises systems.To read this article in full, please click here

Linux security: Cmd provides visibility, control over user activity

There's a new Linux security tool you should be aware of — Cmd (pronounced "see em dee") dramatically modifies the kind of control that can be exercised over Linux users. It reaches way beyond the traditional configuration of user privileges and takes an active role in monitoring and controlling the commands that users are able to run on Linux systems.Provided by a company of the same name, Cmd focuses on cloud usage. Given the increasing number of applications being migrated into cloud environments that rely on Linux, gaps in the available tools make it difficult to adequately enforce required security. However, Cmd can also be used to manage and protect on-premises systems.To read this article in full, please click here

Linux security: Cmd provides visibility, control over user activity

There's a new Linux security tool you should be aware of — Cmd (pronounced "see em dee") dramatically modifies the kind of control that can be exercised over Linux users. It reaches way beyond the traditional configuration of user privileges and takes an active role in monitoring and controlling the commands that users are able to run on Linux systems.Provided by a company of the same name, Cmd focuses on cloud usage. Given the increasing number of applications being migrated into cloud environments that rely on Linux, gaps in the available tools make it difficult to adequately enforce required security. However, Cmd can also be used to manage and protect on-premises systems.To read this article in full, please click here

Linux security: Cmd provides visibility, control over user activity

There's a new Linux security tool you should be aware of — Cmd (pronounced "see em dee") dramatically modifies the kind of control that can be exercised over Linux users. It reaches way beyond the traditional configuration of user privileges and takes an active role in monitoring and controlling the commands that users are able to run on Linux systems.Provided by a company of the same name, Cmd focuses on cloud usage. Given the increasing number of applications being migrated into cloud environments that rely on Linux, gaps in the available tools make it difficult to adequately enforce required security. However, Cmd can also be used to manage and protect on-premises systems.To read this article in full, please click here

How to identify shell builtins, aliases and executable files on Linux systems

Shell builtins are commands that are loaded into memory when a shell — such as bash, sh, or zsh — is invoked. The reason for this is that keeping these commands in memory helps ensure that these commands will be run very efficiently whenever someone uses them. They run faster because they don't have to first be loaded into memory. They're "built in."Determining whether commands that you use are builtins, aliases, or executable files on your system that are loaded as needed requires the use of several interesting commands. These include type, which, and compgen. So, let's take a look at how these commands work and what they can tell us.To read this article in full, please click here

How to identify shell builtins, aliases and executable files on Linux systems

Shell builtins are commands that are loaded into memory when a shell — such as bash, sh, or zsh — is invoked. The reason for this is that keeping these commands in memory helps ensure that these commands will be run very efficiently whenever someone uses them. They run faster because they don't have to first be loaded into memory. They're "built in."Determining whether commands that you use are builtins, aliases, or executable files on your system that are loaded as needed requires the use of several interesting commands. These include type, which, and compgen. So, let's take a look at how these commands work and what they can tell us.To read this article in full, please click here

Sitting in the Linux Cockpit

If you haven't tried the relatively new Linux Cockpit, you might be surprised by all it can do. It's a user-friendly web-based console that provides some very easy ways to administer Linux systems — through the web. You can monitor system resources, add or remove accounts, monitor system usage, shut down the system and perform quite a few other tasks — all through a very accessible web connection. It's also very easy to set up and use.While many Linux sysadmins spend most of their time on the command line, access to a remote system using a tool like PuTTY doesn't always provide the most useful command output. Linux Cockpit provides graphs and easy-to-use forms for viewing performance measures and making changes to your systems.To read this article in full, please click here

Sitting in the Linux cockpit

If you haven't tried the relatively new Linux Cockpit, you might be surprised by all it can do. It's a user-friendly web-based console that provides some very easy ways to administer Linux systems — through the web. You can monitor system resources, add or remove accounts, monitor system usage, shut down the system and perform quite a few other tasks — all through a very accessible web connection. It's also very easy to set up and use.While many Linux sysadmins spend most of their time on the command line, access to a remote system using a tool like PuTTY doesn't always provide the most useful command output. Linux Cockpit provides graphs and easy-to-use forms for viewing performance measures and making changes to your systems.To read this article in full, please click here

Red Hat announces container flaw CVE-2019-5736

Red Hat announced a vulnerability this morning – one that can be exploited if a user runs malicious or modified containers. The flaw in runC (a lightweight portable container runtime) and Docker that this vulnerability exposes allows an attacker to escape a container and access the underlying file system. That might sound bad, but there's more.The good news is that this vulnerability cannot be exploited if SELinux is enabled and that this is the default on Red Hat systems. To check whether your Red Hat system is enforcing SELinux, use one of the following commands:$ /usr/sbin/getenforce Enforcing <== $ sestatus SELinux status: enabled <== SELinuxfs mount: /sys/fs/selinux SELinux root directory: /etc/selinux Loaded policy name: targeted Current mode: enforcing Mode from config file: enforcing Policy MLS status: enabled Policy deny_unknown status: allowed Memory protection checking: actual (secure) Max kernel policy version: 31 [ Read also: Linux hardening: A 15-step checklist for a secure Linux server ] This vulnerability also requires local access to the system. Affected Red Hat systems include:To read this article in full, please click here

Red Hat announces container flaw CVE-2019-5736

Red Hat announced a vulnerability this morning – one that can be exploited if a user runs malicious or modified containers. The flaw in runC (a lightweight portable container runtime) and Docker that this vulnerability exposes allows an attacker to escape a container and access the underlying file system. That might sound bad, but there's more.The good news is that this vulnerability cannot be exploited if SELinux is enabled and that this is the default on Red Hat systems. To check whether your Red Hat system is enforcing SELinux, use one of the following commands:$ /usr/sbin/getenforce Enforcing <== $ sestatus SELinux status: enabled <== SELinuxfs mount: /sys/fs/selinux SELinux root directory: /etc/selinux Loaded policy name: targeted Current mode: enforcing Mode from config file: enforcing Policy MLS status: enabled Policy deny_unknown status: allowed Memory protection checking: actual (secure) Max kernel policy version: 31 [ Read also: Linux hardening: A 15-step checklist for a secure Linux server ] This vulnerability also requires local access to the system. Affected Red Hat systems include:To read this article in full, please click here

Red Hat announces container flaw CVE-2019-5736

Red Hat announced a vulnerability this morning – one that can be exploited if a user runs malicious or modified containers. The flaw in runC (a lightweight portable container runtime) and Docker that this vulnerability exposes allows an attacker to escape a container and access the underlying file system. That might sound bad, but there's more.The good news is that this vulnerability cannot be exploited if SELinux is enabled and that this is the default on Red Hat systems. To check whether your Red Hat system is enforcing SELinux, use one of the following commands:$ /usr/sbin/getenforce Enforcing <== $ sestatus SELinux status: enabled <== SELinuxfs mount: /sys/fs/selinux SELinux root directory: /etc/selinux Loaded policy name: targeted Current mode: enforcing Mode from config file: enforcing Policy MLS status: enabled Policy deny_unknown status: allowed Memory protection checking: actual (secure) Max kernel policy version: 31 [ Read also: Linux hardening: A 15-step checklist for a secure Linux server ] This vulnerability also requires local access to the system. Affected Red Hat systems include:To read this article in full, please click here

How much memory is installed and being used on your Linux systems?

There are numerous ways to get information on the memory installed on Linux systems and view how much of that memory is being used. Some commands provide an overwhelming amount of detail, while others provide succinct, though not necessarily easy-to-digest, answers. In this post, we'll look at some of the more useful tools for checking on memory and its usage.Before we get into the details, however, let's review a few details. Physical memory and virtual memory are not the same. The latter includes disk space that configured to be used as swap. Swap may include partitions set aside for this usage or files that are created to add to the available swap space when creating a new partition may not be practical. Some Linux commands provide information on both.To read this article in full, please click here

The Linux command-line cheat sheet

When coming up to speed as a Linux user, it helps to have a cheat sheet that can help introduce you to some of the more useful commands.In the tables below, you’ll find sets of commands with simple explanations and usage examples that might help you or Linux users you support become more productive on the command line.[ Also see Invaluable tips and tricks for troubleshooting Linux. ] Getting familiar with your account These commands will help new Linux users become familiar with their Linux accounts.To read this article in full, please click here

How to monitor activity on your Linux server

Linux systems provide a number of commands that make it easy to report on system activity. In this post, we're going to look at several commands that are especially helpful.The watch command The watch command is one that makes it easy to repeatedly examine a variety of data on your system — user activities, running processes, logins, memory usage, etc. All the command really does is run the command that you specify repeatedly, each time overwriting the previously displayed output, but this lends itself to a very convenient way of monitoring what's happening on your system. [ Two-Minute Linux Tips: Learn how to master a host of Linux commands in these 2-minute video tutorials ] To start with a very basic and not particularly useful command, you could run watch -n 5 date and see a display with the current date and time that updates every 5 seconds. As you likely have guessed, the -n 5 option specifies the number of seconds to wait between each run of the command. The default is 2 seconds. The command will run and update a display like this until you stop it with a ^c.To read this article in full, please Continue reading

How to monitor activity on your Linux server

Linux systems provide a number of commands that make it easy to report on system activity. In this post, we're going to look at several commands that are especially helpful.The watch command The watch command is one that makes it easy to repeatedly examine a variety of data on your system — user activities, running processes, logins, memory usage, etc. All the command really does is run the command that you specify repeatedly, each time overwriting the previously displayed output, but this lends itself to a very convenient way of monitoring what's happening on your system. [ Two-Minute Linux Tips: Learn how to master a host of Linux commands in these 2-minute video tutorials ] To start with a very basic and not particularly useful command, you could run watch -n 5 date and see a display with the current date and time that updates every 5 seconds. As you likely have guessed, the -n 5 option specifies the number of seconds to wait between each run of the command. The default is 2 seconds. The command will run and update a display like this until you stop it with a ^c.To read this article in full, please Continue reading

How to monitor activity on your Linux server

Linux systems provide a number of commands that make it easy to report on system activity. In this post, we're going to look at several commands that are especially helpful.The watch command The watch command is one that makes it easy to repeatedly examine a variety of data on your system — user activities, running processes, logins, memory usage, etc. All the command really does is run the command that you specify repeatedly, each time overwriting the previously displayed output, but this lends itself to a very convenient way of monitoring what's happening on your system. [ Two-Minute Linux Tips: Learn how to master a host of Linux commands in these 2-minute video tutorials ] To start with a very basic and not particularly useful command, you could run watch -n 5 date and see a display with the current date and time that updates every 5 seconds. As you likely have guessed, the -n 5 option specifies the number of seconds to wait between each run of the command. The default is 2 seconds. The command will run and update a display like this until you stop it with a ^c.To read this article in full, please Continue reading

1 2 3 10