youcanlinux.wordpress.com

GNU/Linux, open-source/Libre computer tips (www.youcanlinux.org) Daniel Villarreal

gscan2pdf

Added November 10,  2017 by Daniel Villarreal. Links open in new window/tab

If you plan on scanning a big collection of documents in gscan2pdf, the stock /tmp location may fill up. I suggest changing the temporary file location for this program by going to Edit –> Preferences. For Temporary directory, I created a tmp directory in my home directory and then clicked on Browse, then surfed to my new tmp directory and clicked OK. Just make sure you have enough free space in your home directory partition.

Advertisements

Written by Daniel Villarreal

November 10, 2017 at 10:12 pm

Posted in Software

Security

Updated October 29,  2017 by Daniel Villarreal. Links open in new window/tab

Security Overview @ Fedora, Security policy @ Fedora

Security @ Ubuntu Community

Digitally Signing and Encrypting Messages @ Mozilla

https://www.sans.org/

https://www.coresecurity.com/grid/advisories

https://www.us-cert.gov/security-publications

http://cve.mitre.org/

Sicherheitsmeldungen aller Distributionen (prolinux.de)

Consider using separate computers for each member of your household. I think it’s a good idea to delete the and re-install the operating system once in a while. I back up information by directory and use separate partitions on either a single or multiple hard drives.

Hosts file

No matter what kind of internet connection you have, I recommend you use a hosts file to
optimize your surfing/computing experience... you'll potentially avoid having your
computer go to websites you're not interested in, help protect your privacy, and may
save your computer having to do a DNS lookup.

The following can help you if you use GNU/Linux. You may want to adjust to suit your
needs and use dos2unix on your hosts file... 
http://www.mvps.org/winhelp2002/hosts.htm
Also see
http://www.bleepingcomputer.com/tutorials/hosts-files-explained
https://github.com/StevenBlack/hosts/

BIOS

UEFI Secure Boot Guide @ Fedora

Please set a password on your BIOS.  You can reset to boot from a hard drive only, until you need to reset it to boot from CD/DVD drive again.

Software

Research operating systems. Ask around for advice.

Always verify data before you allow it on your computer, unless you trust the source, and even then, it’s a good idea to check things out thoroughly. Carefully consider your software sources and try to verify GPG/ GNuPG signatures, and also checksums, if possible…

Integrity check @ GnuPG

Verify downloaded image @ Fedora

Package Management @ Fedora

Hardware

If you have an always-on internet connection, please consider putting the modem on stand-by mode or unplug the ethernet cable from your computer when you’re away.

If you don’t have a router, buy one and configure it to use a new administrator password. If you buy a wireless router, set it to use WPA2 security, use the best encryption you can. If you don’t need the wireless capability, turn it off. Consider unplugging your computer/device from the internet when you aren’t using it. You could use airplane mode, if applicable. Due to recent developments, you should check your router manufacturer’s web site for firmware updates and take care to protect your home network.

https://duckduckgo.com/?q=wpa2+vulnerability&ia=web

You could also use OpenBSD or pfSense or for a home-made router.

Stuff

Security Guide @ Fedora

Virtualization Security Guide @ Fedora

SELinux official site

SELinux FAQ @ Fedora

SELinux Overview @Fedora

SELinux User’s and Administrator’s Guide @ Fedora

FreeIPA: Identity/Policy Management @ Fedora

Resource Management Guide @ Fedora (cgroups)

 

TCP Wrappers

TCP Wrappers @ Fedora

TCP Wrappers @ RedHat

 

Written by Daniel Villarreal

October 29, 2017 at 1:28 pm

Posted in Software

About

Daniel Villarreal (email: youcanlinux@gmail.com)
PGP key: 2F6E 0DC3 85E2 5EC0 DA03 3F5B F251 8938 A83E 7B49
Links open in new tab/window

October 29, 2017 Updated Browsers/cookies and Fedora/RedHat information

Content is provided under Creative Commons Attribution-Share Alike 3.0 Unported” license (CC-BY-SA)

Thanks for visiting !
Daniel Villarreal

Sites I edit and/or contribute to… http://www.youcanlinux.org, https://ideas2learn.wordpress.com/, http://homeschool.wiki/

Note: Wiki.wiki will cease operations on December 1, 2017.

Use this information at your own risk. A link to another web site does not necessarily imply my endorsement. Any trademarks used are the property of their owners.

 

 

Written by Daniel Villarreal

October 29, 2017 at 1:25 pm

Posted in Software

Fedora and RedHat

by Daniel Villarreal – youcanlinux@gmail.com – Updated October 29, 2017

create a custom.sh shell script in /etc/profile.d/ to make custom changes to your environment (this
will prevent the need for merging in future updates).

example:
alias ls1=”ls –color -lart |grep ^d”


Fedora 26 documentation

Upgrade to Fedora 26 or install , DNF System Upgrade  Fedora

How to use IPTables Instead of firewalld for Fedora [Fedoraproject] [Michael Douse]

Set up iptables [1][2], adjust TCP Wrappers , secure SSH , Fedora security policy), Modify /etc/fstab, set up sysctl [1][2][3][4], set up a custom hosts file [1][2] , “Common Post-Installation Tasks” , etc.


See SysVinit to Systemd Cheatsheet @ Fedora, for more details on options

systemd vs sysVinit Linux Cheatsheet – by  Bobbin Zachariah at linoxide.com

RPM Fusion (third-party) repository

@ Fedora

How to edit iptables rules

networking guide  Fedora 25

SELinux User’s and Administrator’s Guide Fedora 24

sysVinit command equivalents in systemd at Fedoraproject

Fedora/EPEL keys

Fedora Community websites , Fedora magazine

systemd vs sysVinit Linux Cheatsheet – by  Bobbin Zachariah at linoxide.com

Archlinux systemd , systemd FAQ , systemd-networkd

IPTables and Securing OpenSSH centos wiki

Troubleshooting SSH Connections” Unixlore.net

default policy of DROP on the input chain ssh” DuckDuckGo

Flushing iptables on Fedora” by

how to install CentOS – by  Bobbin Zachariah at linoxide.com

ReleaseNotes – Centos wiki

HowTos – index at Centos wiki


 

Virtual training video @ RedHat

Taste of Red Hat Training:  Managing SELinux modes video @ RedHat

manage w/ systemd @ RedHat

RedHat blogs, social

Written by Daniel Villarreal

October 29, 2017 at 12:40 pm

Posted in Software

Browsers and cookies

by Daniel Villarreal  – youcanlinux@gmail.com – Updated October 29, 2017

Privacy Related Tweaks Tutorial – Firefox config,” by Tenno Mateo … verify before using.

Manage LSO cookies [1] [2]. More info on cookies [1][2][3][4]. How to delete the cache.


Firefox and related: in browser bar open “about:config

“browser.urlbar.trimURLs” Right-click, click “toggle” and set to false

network.http.speculative-parallel-limitStop unauthorized connections. Mozilla article. Right-click, click “modify,” change from 6 to 0 (zero)

“browser.sessionstore.interval” Default 15 s. to 30 mins., i.e. from 15000 to 1800000. [1][2]

“browser.urlbar.clickSelectsAll” — false –> true. For convenience… right-click and copy the URL.

 

Info on vacuuming your Firefox databases
http://froebe.net/blog/2013/01/27/optimizing-the-firefox-sqlite-databases/

For multiple profiles, I change
for profile in *.default; do
to
for profile in *; do

more info on tweaks (verify before using, some of this is old)
https://gist.github.com/spcmd/ec0499117038cade97be
https://techfragments.com/the-12-best-firefox-aboutconfig-performance-tweaks/
http://www.techradar.com/news/software/applications/8-hacks-to-make-firefox-ridiculously-fast-468317

 

Firefox is going through a lot of changes.
Under Preferences –> General –> Performance
I uncheck “Use Recommended Performance Settings”
and set “Content Process Limit” to 1
User-Agent-string info here

See hosts file information in Security post.


To start Mozilla Firefox and choose a profile, edit the associated shortcut(s) in your start menu and/or on desktop:firefox -no-remote” or “firefox-esr -no-remote”), or see here for command-line options. Make sure the check box for “Use the selected profile without asking at startup” is unchecked.


Written by Daniel Villarreal

October 29, 2017 at 12:27 pm

Posted in Software

printing labels, etc.

by Daniel Villarreal – youcanlinux@gmail.com

For writing to CD- and DVD-ROM discs directly, in Linux, you can use Lightscribe technology. Luckily I still have Lightscribe software for Linux in my software collection. To use print technology, you’d have to find a way to use the manufacturer’s software in Linux, perhaps one could use WINE. Here’s an example of an old WINE report for this type of endeavor.

For other labeling uses, even for t-shirt iron-on transfers, you’d use special printing media, and software such as libreoffice.

Written by Daniel Villarreal

August 21, 2017 at 11:10 am

Posted in Printing

Partitioning

by Daniel Villarreal – youcanlinux@gmail.com

From Roderick Smith article “If you use GRUB 2 on a BIOS-based computer, create a BIOS Boot Partition… [from 32 kiB to 1 MiB] [1]

Viewing Block Devices and File Systems Fedora 26

Manual partitioning  Fedora 26

Storage and Partitioning  Fedora 26

Filesystems (here , here, and here), Fedora offers Btrfs

Please back up your information before attempting to edit partition(s).  I prefer to manually edit partitions. Here’s some information on filesystems here, and here.

 

view block devices and file systems: lsblk and blkid

http://rodsbooks.com/gdisk/sgdisk-walkthrough.html
http://www.rodsbooks.com/gdisk/cgdisk-walkthrough.html
https://en.wikipedia.org/wiki/GUID_Partition_Table

https://www.gnu.org/software/fdisk/

 

 

 

Written by Daniel Villarreal

August 21, 2017 at 10:16 am

Posted in Software