The Blockchain for Good Hackathon takes place Saturday, 30 September and Sunday, 1 October. Full agenda can be found here.
How many years has it been going?
This is the inaugural event.
What exciting things can people look forward to for the 2017 version?
Participating developers will work together with top coders, architects, and leading thinkers from Hyperledger and Accenture to build innovative solutions that can positively impact millions of lives and the environment.
Wait, Linux needs antivirus and anti-malware solutions? I thought it was immune to such things. Perhaps a bit of clarification is necessary here.
First and foremost, no operating system is 100 percent immune to attack. Whether a machine is online or offline, it can fall victim to malicious code. Although Linux is less prone to such attacks than, say, Windows, there is no absolute when it comes to security. I have witnessed, first hand, Linux servers hit by rootkits that were so nasty, the only solution was to reinstall and hope the data backup was current. I’ve been a victim of a (very brief) hacker getting onto my desktop, because I accidentally left desktop sharing running (that was certainly an eye opener). The lesson? Even Linux can be vulnerable.
So why does Linux need tools to prevent viruses, malware, and rootkits? It should be obvious why every server needs protection from rootkits — because once you are hit with a rootkit, all bets are off as to whether you can recover without reinstalling the platform. It’s antivirus and anti-malware where admins start getting a bit confused.
Let me put it simply — if your server (or desktop for that matter) makes use of Samba or sshfs (or any other sharing means), those files will be opened by users running operating systems that are vulnerable. Do you really want to take the chance that your Samba share directory could be dishing out files that contain malicious code? If that should happen, your job becomes exponentially more difficult. Similarly, if that Linux machine performs as a mail server, you would be remiss to not include AV scanning (lest your users be forwarding malicious mail).
With all of that said, what are your options? Let’s take a look at a few tools, offered for the Linux platform, that do a good job of protecting you (and your users) from viruses, malware, and rootkits.
ClamAV
Without a doubt, ClamAV is the most popular option for keeping viruses off of your Linux machines and out of your shared directories. There are a few reasons why ClamAV is so popular among the Linux crowd. First, it’s open source, which in and of itself is a big win. Second, it’s very effective in finding trojans, viruses, malware, and other threats. ClamAV features a multi-threaded scanner daemon that is perfectly suited for mail servers and on-demand scanning.
ClamAV can be run from command line or it with the ClamTK GUI. Both tools are easy to use and very dependable. Installing ClamAV is simple.
If you’re running a Debian-based desktop, you can install ClamTK (the GUI) with the command:
sudo apt install clamtk
There are also third-party tools that can be added (to include support for the likes of MTA, POP3, Web & FTP, Filesys, MUA, Bindings, and more).
Upon installation, the first thing you’ll want to do is update the signatures with the command sudo freshclam. Once that completes, you can scan a directory with the command:
clamscan -r -i DIRECTORY
where DIRECTORY is the location to scan. The -r option means to recursively scan and the -i options means to only print out infected files. If you work with the GUI, it’s even easier. From the GUI you can run a scan and, should ClamAV find anything, act on it (Figure 1).
Figure 1: ClamAV found a file with possible malicious code.
The one caveat to ClamAV is that it does not include real-time scanning. In fact, if you’re not using the ClamTK GUI, then to create a scheduled scan, you must make use of crontab. With the ClamTK GUI, you can only set up a schedule for your user home directory.
Sophos
If you’re looking for a non-open source solution from a company that’s been in the antivirus sector for quite some time, Sophos offers a free Linux scanner that does an outstanding job. This particular solution does on-access and on-demand scans for viruses, trojans, and malware. To prevent your Linux machine from becoming a distribution point for malicious software, Sophos Antivirus for Linux detects, blocks, and removes Windows, Mac, and Android malware. What makes Sophos stand above ClamAV is the inclusion of a real-time scanner. For desktops that share a lot of files, that is a deal maker.
Once you’ve agreed to the Sophos license (and entered a bit of information), you can download the distribution-agnostic installer, extract the file, and install with the command sudo sh install.sh. During the installation (Figure 2), you’ll be asked if you want to enable on-access scanning (real-time).
Figure 2: Enabling real-time scanning for Sophos.
You will also be asked what type of auto-updating to be used for virus definitions. You can choose from Sophos servers, your own servers, or none. You can also choose to install the free or the supported version of Sophos as well as configure a proxy (if necessary).
When the installation completes, Sophos is running and protecting your machine in real time. There is no GUI for Sophos, so you’re restricted to the command line. You can check to see if Sophos is running with the command:
/opt/sophos-av/bin/savdstatus
Upon issuing the command, you should see Sophos Anti-Virus is active (Figure 3).
Figure 3: On-access scanning is enabled.
If you want to run an on-demand scan, it is as simple as:
savscan DIRECTORY
Where DIRECTORY is the directory to be scanned.
chkrootkit and rkhunter
No tool is more important to the security of your Linux server than either chkrootkit or rkhunter. These particular tools check for the likes of:
System binaries for rootkit modification
If the interface is in promiscuous mode
lastlog deletions
wtmp deletions
Signs of LKM trojans
Quick and dirty strings replacement
utmp deletions
The chkrootkit tool can be installed on Debian-based systems with the following command:
sudo apt install chkrootkit
The rkhunter tool can be installed on CentOS-like systems with the commands:
Once installed, the usage is very simple: Issue either sudo chkrootkit or sudo rkhunter -c. Both commands will dive into the system and check for any known rootkits. During the rkhunterscan, you will have to press Enter on your keyboard (when prompted), as it runs through the different stages of the check. When the scan completes, both tools will report back their findings (Figure 4).
Figure 4: The results of an rkhunter scan on CentOS 7.
Stay safe
There are plenty more options out there, but these four tools should go a long way to keep you safe. Whether you only need a command line antivirus/malware/trojan scanner, a GUI, or a tool to hunt for rootkits, you’re covered. Just don’t fall into the trap of thinking that, because you’re using Linux, you are perfectly safe…even without protection.
Learn more about Linux through the free “Introduction to Linux” course from The Linux Foundation and edX.
Speak the word “mainframe” to many millennial techies, and the first things that likely come to mind are in the form of grainy sepia photos of floor-to-ceiling, wall-to-wall computers with big spinning tapes. But that’s far from the reality of the modern mainframe.
Imagine instead up to 240 10-core, 5.2ghz processors, 32TB of RAIM (redundant array of independent memory), hardware-based encryption, and fully hot-swappable hardware components. Those are the specs of the newly released IBM z14 – a single machine that could replace the computing resources of an average corporate data center with room to spare.
The challenge this architecture ecosystem is facing is exactly the perception I kicked off with, and with that, the perception that building a career around such a platform is a mistake. But don’t tell that to the 15 interns who have come through The Linux Foundation’s Open Mainframe Project. With Linux and open source thriving on mainframe, being a “mainframer” has become an intriguing career for students. Just look at some of the work these students have done:
The first electric car was produced in the late 19th century, and by 1900 more than a quarter of cars were electric. Then the internal combustion engine took over, and for a century it dominated. Now, however, electric cars are making a comeback, and both manufacturers and governments are predicting the end of the internal combustion engine.
What happened? The technology used for electric cars improved dramatically, the ecosystem of charging points expanded massively, and the need to be green and energy efficient changed public perceptions.
The first computers were large, centralized, shared systems. Then personal computers emerged, followed by the client-server era, then the servers were linked together into clusters, and most recently networked into cloud systems in order to share data and meet increasing demands for processing power.
We are now seeing a resurgence of large, centralized, shared computer systems. Why? The technology being used for these systems has changed dramatically, the ecosystem of open source and commercial software has expanded greatly, and the need to be green and energy efficient has changed public perceptions.
Additionally, security is a top concern of CIOs; big data is growing exponentially, and IT is being asked to deliver actionable insights faster than ever.
This is where large, centralized, shared computer systems can have significant advantages. Security has a smaller perimeter to protect. Data can be stored in one database, without sharding. And applications can be located on the same system as the data, avoiding latency and network delays.
Technologies for Security, Speed and Scale
Two years ago at LinuxCon in Seattle, IBM announced LinuxONE – its enterprise Linux-only server. This year at Open Source Summit in Los Angeles, we showcased where LinuxONE is being used in practice, why the technology it’s built on is market-leading, and how it is able to address the key priorities of security, speed and scale. We also announced a new version of IBM LinuxONE – Emperor II. You can find out more at www.ibm.com/linuxone.
The unique and breakthrough security technology for LinuxONE is the IBM Secure Service Container. This provides a framework for securely deploying and running software appliances. Building on the logical partitions (LPARs) of LinuxONE which provide peer isolation certified at EAL5+, the Secure Service Container also pervasively encrypts the data, validates the appliance code at boot time, and protects against the misuse of privileged user credentials by internal or external threats with the isolation of the data and applications from shell or command line access.
In the future, it is planned to integrate Docker and open-source container technologies with the IBM Secure Service Container framework to create a highly secure environment for building and deploying applications that embrace cloud native and cloud ready application development tooling and practices. A beta of this technology integration will be available for user engagement via http://ibm.biz/sscbeta.
The new IBM LinuxONE Emperor II is based on IBM Z technology and uses the industry’s fastest commercially available microprocessor, running at 5.2GHz. Combined with instruction-set optimization and capabilities such as pauseless garbage collection, this delivers industry-leading speed including 2.6x better performance for Java workloads.
Up to 170 cores and up to 32TB of memory then enable IBM LinuxONE to deliver extreme scalability, able to support up to two million Docker containers, a 17TB MongoDB database on a single system, and up to 377 billion database transactions per day.
IBM LinuxONE in practice
During the IBM keynote at Open Source Summit, we shared the story of The Plastic Bank – a social enterprise that is both reducing ocean pollution and helping to address global poverty, by providing the ability for people in developing nations to recycle plastic in exchange for digital tokens that they can use to buy goods.
The Plastic Bank needed to provide a highly secure, auditable system that could scale exponentially from Day One. They chose to work with systems integrator and managed service provider, Cognition Foundry, and IBM to run Blockchain on IBM LinuxONE. You can find out the reasons behind their choice in a blog by The Plastic Bank’s Shaun Frankson.
Like electric cars, we believe that highly secure, highly scalable and highly engineered Linux servers have the power to transform the market and change the world. To find out more, visit the IBM LinuxONE news page at www.ibm.com/linuxone/news and read the analyst reports.
Adam Jollans is currently a portfolio marketing manager in the worldwide LinuxONE marketing team, responsible for developing the marketing strategy for IBM’s LinuxONE server and its ecosystem.
With microservice architecture where it is today, the gap between the good, the bad, and the ugly, is now enormous in terms of being able to deliver high-quality software with speed and efficiency. In fact, the difference is so huge now that it was demonstrated by Bob Wise, CTO of Samsung’s cloud native computing team in a talk that showed high-performance organizations have 200 times more frequent deployments, 24 times faster recovery from failure, three times lower change failure rate and 2,555 times shorter lead times than low-performance organizations. That’s a huge difference, to say the least, and if your organization is on the lower end of that spectrum, the time to panic was yesterday.
Now I talk regularly at local meetups and I went as a speaker to few big conferences. Given that I am no expert in public speaking, my heart beat rises and occasionally words scramble as I am on the stage. But still, I will give you some reasons, why you should speak at conferences or at least attend them.
One of the influencers from Microsoft tweeted that attending conferences will show you the path to what to learn next. He is right, because honestly people can’t remember everything from all the talks (at least in my case). Usually there will be around 6 to 8 talks in a day at any given conference, So when you are presented with that much information on different topics in a single day, you won’t learn much as your brain will be overwhelmed with information.
Open Source Summit North America in Los Angeles was packed with keynotes, technical sessions, and special presentations, including a conversation with Linux creator Linus Torvalds. In case you couldn’t make it, CodePop.com’s Gregg Pollack has put together some short videos recapping highlights of the event.
OSN Days are a fantastic opportunity for network developers and users to learn how ONAP, OPNFV, OpenDaylight and other open source initiatives are changing NFV/SDN orchestration and networking solutions. Stops on the tour include: Paris, Milan,Stockholm,London,Tel Aviv, and Japan.Register today for an upcoming OSN Day in your region.
The day-long events will start with a plenary session where attendees will hear from site hosts and The Linux Foundation speakers on the state of the industry and the collaboration and touch points between projects that make up the open source networking stack. Presenters will also explore how business opportunities like 5G and IoT are enabled by network transformation. In the afternoon, events may feature technical sessions, tutorials, demonstrations, and workshops that empower attendees to participate, contribute, and deepen their knowledge of open source networking.
At many organizations, managing containerized applications at scale is the order of the day (or soon will be). And few open source projects are having the impact in this arena that Kubernetes is.
Above all, Kubernetes is ushering in “operations transformation” and helping organizations make the transition to cloud-native computing, says Craig McLuckie co-founder and CEO of Heptio and a co-founder of Kubernetes at Google, in a recent free webinar, ‘Getting to Know Kubernetes.’ Kubernetes was created at Google, which donated the open source project to theCloud Native Computing Foundation.
As was historically true for the very first Local-Area Networks and Linux alike, McLuckie noted that small groups of upstart staffers at many organizations are driving operational change by adopting Kubernetes.
I’ve been using the lm-sensors tool ever since CPUs became hot enough to melt themselves. It monitors CPU temperature, fan speeds, and motherboard voltages. In this two-part series, I’ll explain some advanced uses of lm-sensors, and look at some of the best graphical interfaces to use with it.
Install and Run
Install lm-sensors, then run it with no options to see what it does:
This is on an Ubuntu PC. My openSUSE Leap system installs it with a working configuration, but Ubuntu needs some additional tweaking. Run sensors-detect to set it up to detect even more stuff. The safe method is to accept all of the defaults by pressing the return key to answer every question:
$ sudo sensors-detect
# sensors-detect revision 6284 (2015-05-31 14:00:33 +0200)
# Board: ASRock H97M Pro4
# Kernel: 4.4.0-96-generic x86_64
# Processor: Intel(R) Core(TM) i7-4770K CPU @ 3.50GHz (6/60/3)
This program will help you determine which kernel modules you need
to load to use lm_sensors most effectively. It is generally safe
and recommended to accept the default answers to all questions,
unless you know what you're doing.
Some south bridges, CPUs or memory controllers contain embedded sensors.
Do you want to scan for them? This is totally safe. (YES/no):
[...]
When it finishes scanning, it will ask you if you want it to modify /etc/modules:
To load everything that is needed, add this to /etc/modules:
#----cut here----
# Chip drivers
coretemp
nct6775
#----cut here----
If you have some drivers built into your kernel, the list above will
contain too many modules. Skip the appropriate ones!
Do you want to add these lines automatically to /etc/modules? (yes/NO)
Before you answer, look in your kernel configuration file to see if the drivers are built-in, or are loadable modules. If they are built-in then don’t modify /etc/modules. If they are modules, then modify /etc/modules. This is what loadable modules look like in my /boot/config-4.4.0-96-generic file:
A feast of information! Much of which is not useful because devices do not exist or are not connected, like most of the fan sensors. On Ubuntu I disabled these in /etc/sensors3.conf with the ignore directive:
ignore fan1
ignore fan3
ignore fan4
ignore fan5
Now when I run sensors the output does not include those (Figure 1). You should be able to put your customizations in files in /etc/sensors.d, but this doesn’t work on my Ubuntu machine.
Learn how to use lm-sensors to monitor CPU temperature, fan speeds, and motherboard voltages.
What do Those Things Mean?
CPUTIN is CPU temperature index, AUXTIN is auxiliary temperature index, and SYSTIN is system temperature index. These are all sensors on the motherboard. AUXTIN is the power supply temperature sensor, and SYSTIN measures motherboard temperature. Core temperature is different from CPUTIN as it reads from a sensor on your CPU.
HYST is short for hysteresis. This is the value that you want an alarm to turn off. For example, if your alarm temperature is 80C, set your HYST value to stop the alarm when the temperature falls to 75C.
Get the Specs
The basic lm-sensors monitoring of CPU temperatures may be enough for you. However, you can finely-tweak lm-sensors for greater accuracy, change labels, and run it as a daemon. You need the spec sheet for your motherboard (which will also help make sense of your lm-sensors output). Find your exact motherboard model and version by running $ sudo dmidecode -t 2. The kernel driver documentation is also useful. For example, this is the kernel spec for my nct6775 driver.
Come back next week and we’ll learn even cooler advanced uses of lm-sensors.
Learn more about Linux through the free “Introduction to Linux” course from The Linux Foundation and edX.
