Ubuntu Unleashed

Via cnet:
Google Desktop has been available for some time now on Windows, Mac and Linux platforms. However, Google Gadgets — mini-applications that can be placed anywhere on the desktop — have, until now, only been available on Windows and Mac. Jim Zhuang, of Google's software engineering team, announced the first Linux version on Tuesday.

"Since releasing Google Desktop for Linux, we've added almost all of our most requested features, like 64-bit support and the ability to search applications and documents. All [but for] one major exception: Desktop Gadgets," wrote Zhuang on the company's open-source blog. "Gadget support is not just a single feature, but rather an entire platform for miniature applications. It's a complex undertaking, but we're now putting the finishing touches on the product."


Zhuang invited developers to view the source code for the entire project. "For Gadgets for Linux, we don't just want to simply release the final offering, but we also want to give everyone a chance to tinker with the code powering the gadgets," Zhuang wrote. "For this project, fostering a transparent and lively developer community is just as important as serving our users."

Google Gadgets for Linux are compatible with those written for Google Desktop for Windows and the "Universal Gadgets" on iGoogle. Therefore, according to the company, "a large library of existing gadgets [is] immediately available to Linux users, [and] gadget developers will benefit from a much larger potential user base without having to learn a new API".

The downloadable application includes the gadget library and a host program to allow users to run the gadgets on the desktop. Hosts are available for both GTK+ and Qt. The project is open sourced under the Apache License.

Howto Install:
Open System->Administration->Software Sources->Third Party repo's
Add these repo's:
deb http://ppa.launchpad.net/googlegadgets/ubuntu hardy main
deb-src http://ppa.launchpad.net/googlegadgets/ubuntu hardy main

Now lets finally install shall we?
Click here after adding and refreshing the repository to install via one click or via the command line:
sudo apt-get install google-gadgets

Press Alt-F2 and type in ggl-gtk

You autostart Google Gadgets for Linux by opening sessions via System->Preferences->Sessions
Then click +Add and input the fields like this:
Name:Google Gadgets
Command Line:sleep 10 ; ggl-gtk
Click ok and then make sure its check marked to startup

Expand full post here...

Summary only...

Here is a collection of security tools that you should look through to add to your arsenal to help keep the peace on your pc/network or unleash war on others for whatever reason.

You can simply install these tools by clicking on the title within firefox in Ubuntu Hardy Heron.

Most of these are command line tools which need to be invoked via the Terminal:
Applications->Accessories->Terminal

If you need help with these tools, please read the manual via man "application" in the terminal, and feel free to comment if you need a little assistance or care to add to this growing list

Sniffers:

dsniff
Various tools to sniff network traffic for cleartext insecurities
This package contains several tools to listen to and create network traffic:

* arpspoof - Send out unrequested (and possibly forged) arp replies.
* dnsspoof - forge replies to arbitrary DNS address / pointer queries
on the Local Area Network.
* dsniff - password sniffer for several protocols.
* filesnarf - saves selected files sniffed from NFS traffic.
* macof - flood the local network with random MAC addresses.
* mailsnarf - sniffs mail on the LAN and stores it in mbox format.
* msgsnarf - record selected messages from different Instant Messengers.
* sshmitm - SSH monkey-in-the-middle. proxies and sniffs SSH traffic.
* sshow - SSH traffic analyser.
* tcpkill - kills specified in-progress TCP connections.
* tcpnice - slow down specified TCP connections via "active"
traffic shaping.
* urlsnarf - output selected URLs sniffed from HTTP traffic in CLF.
* webmitm - HTTP / HTTPS monkey-in-the-middle. transparently proxies.
* webspy - sends URLs sniffed from a client to your local browser
(requires libx11-6 installed).

Please do not abuse this software.

-

imsniff
Simple program to log Instant Messaging activity on the network
The imsniff program can be used to log IM activity on the network. It uses
libpcap to capture packets and analyzes them, logging conversation, contact
lists, etc.

Users connecting after imsniff is started can get pretty good results,
including complete contact lists and events (displaying a name change, for
example). Users already connected will be able to get the conversations, but
will miss the other information.

The only required parameter is the interface name to listen to. This can be
any interface that libpcap supports. A sample imsniff.conf.sample file is
included.

imsniff is beta software, for now, only MSN is supported. Others could follow.

Author: Carlos Fernandez

-

ksniffer
network traffic analyzer for KDE
KSniffer is a network traffic analyzer, or "sniffer" for KDE.

A sniffer is a tool used to capture packets from your network.

it detects network protocols like IP, TCP, UDP, ICMP and ARP.

-

nwatch

Network service detector
NWatch is a sniffer but can be conceptualized as a "passive port
scanner", in that it is only interested in IP traffic and it organizes
results as a port scanner would.

The advantage of this tool is that services that are open for a short
period of time can be detected with NWatch while successive nmap scans
will miss them. The disadvantage is that the service have to be actively
used to be detected.

-

scapy

Scapy is a powerful interactive packet manipulation tool, packet
generator, network scanner, network discovery, packet sniffer, etc. It
can for the moment replace hping, 85% of nmap, arpspoof, arp-sk, arping,
tcpdump, tethereal, p0f, ....

In scapy you define a set of packets, then it sends them, receives
answers, matches requests with answers and returns a list of packet couples
(request, answer) and a list of unmatched packets. This has the big advantage
over tools like nmap or hping that an answer is not reduced to
(open/closed/filtered), but is the whole packet.

Homepage: http://www.secdev.org/projects/scapy/

It was previously named scapy. This is a transitional package
so scapy users get python-scapy on upgrades. This package handles
scapy -> python-scapy. It can be safely removed.

-

Snort

Flexible Network Intrusion Detection System
Snort is a libpcap-based packet sniffer/logger which can be used as a
lightweight network intrusion detection system. It features rules
based logging and can perform content searching/matching in addition
to being used to detect a variety of other attacks and probes, such
as buffer overflows, stealth port scans, CGI attacks, SMB probes, and
much more. Snort has a real-time alerting capability, with alerts being
sent to syslog, a separate "alert" file, or even to a Windows computer
via Samba.

This package provides the plain-vanilla snort distribution and does not
provide database (available in snort-pgsql and snort-mysql) support.

-

tcpick
TCP stream sniffer and connection tracker
This libpcap-based textmode sniffer can:
* track, reassemble and reorder TCP streams
* save the captured flows in different files or display them in the terminal
* display all the stream on the terminal with different display modes like
hexdump, hexdump + ascii, only printable characters, raw mode, colorized
mode ...
* handle several network interface types, including ethernet cards and PPP
interfaces

-
Tshark

Wireshark network traffic analyzer (console interface)
Wireshark is a network traffic analyzer, or "sniffer", for Unix and
Unix-like operating systems. A sniffer is a tool used to capture
packets off the wire. Wireshark decodes numerous protocols (too many
to list).

This package provides the console version of wireshark, named
"tshark".

-

WireShark
network traffic analyzer
Wireshark is a network traffic analyzer, or "sniffer", for Unix and
Unix-like operating systems. A sniffer is a tool used to capture
packets off the wire. Wireshark decodes numerous protocols (too many
to list).

This package provides wireshark (the GTK+ version)

-
Last But not least for the sniffers is my personal fav:
Ettercap
Multipurpose sniffer/interceptor/logger for switched LAN
Ettercap supports active and passive dissection of many protocols
(even ciphered ones) and includes many feature for network and host
analysis.

Data injection in an established connection and filtering (substitute
or drop a packet) on the fly is also possible, keeping the connection
synchronized.

Many sniffing modes were implemented to give you a powerful and complete
sniffing suite. It's possible to sniff in four modes: IP Based, MAC Based,
ARP Based (full-duplex) and PublicARP Based (half-duplex).

It has the ability to check whether you are in a switched LAN or
not, and to use OS fingerprints (active or passive) to let you know the
geometry of the LAN.

Wireless Tools:

aircrack-ng
Grab the latest @ www.aircrack-ng.com
wireless WEP/WPA cracking utilities
aircrack-ng is an 802.11a/b/g WEP/WPA cracking program that can recover a
40-bit, 104-bit, 256-bit or 512-bit WEP key once enough encrypted packets have
been gathered. Also it can attack WPA1/2 networks with some advanced
methods or simply by brute force.

It implements the standard FMS attack along with some optimizations,
thus making the attack much faster compared to other WEP cracking tools.
It can also fully use a multiprocessor system to its full power in order
to speed up the cracking process.

aircrack-ng is a fork of aircrack, as that project has been stopped by
the upstream maintainer.

-

Kismet
Wireless 802.11b monitoring tool
Kismet is a 802.11b wireless network sniffer. It is capable of sniffing
using almost any supported wireless card using the Airo, HostAP, Wlan-NG,
and Orinoco (with a kernel patch) drivers.

Can make use of sox and festival to play audio alarms for network events
and speak out network summary on discovery. Optionally works with gpsd
to map scanning.

-
Prismstumbler
Wireless network sniffer
Prismstumbler is a packet sniffer for 802.11b wireless LANs.

-
SWScanner
Simple Wireless Scanner
SWScanner is a KDE application specially designed to make easy the whole
wardriving process, but also intended to facilitate many tasks related
to wireless networks. SWScanner is compatible with NetStumbler files and
supports GPS devices.

-

WEPLab
tool designed to break WEP keys
WepLab is a tool designed to teach how WEP works, what different
vulnerabilities it has, and how they can be used in practice to
break a WEP protected wireless network.

WepLab can dump network traffic, analyse it or crack the WEP key.

-

Portscanning:
NMAP
The Network Mapper
Nmap is a utility for network exploration or security auditing. It
supports ping scanning (determine which hosts are up), many port
scanning techniques, version detection (determine service protocols
and application versions listening behind ports), and TCP/IP
fingerprinting (remote host OS or device identification). Nmap also
offers flexible target and port specification, decoy/stealth scanning,
sunRPC scanning, and more. Most Unix and Windows platforms are
supported in both GUI and commandline modes. Several popular handheld
devices are also supported, including the Sharp Zaurus and the iPAQ.

-

PnScan
Multi threaded port scanner
Pnscan is a multi threaded port scanner that can scan a large network
very quickly. If does not have all the features that nmap have but
is much faster.

-

DoScan
port scanner for discovering services on large networks
doscan is a tool to discover TCP services on your network. It is
designed for scanning a single ports on a large network. doscan
contacts many hosts in parallel, using standard TCP sockets provided
by the operating system. It is possible to send strings to remote
hosts, and collect the banners they return.

There are better tools for scanning many ports on a small set of
hosts, for example nmap.

-
HPING3
Active Network Smashing Tool
hping3 is a network tool able to send custom ICMP/UDP/TCP packets and
to display target replies like ping does with ICMP replies. It handles
fragmentation and arbitrary packet body and size, and can be used to
transfer files under supported protocols. Using hping3, you can test
firewall rules, perform (spoofed) port scanning, test network
performance using different protocols, do path MTU discovery, perform
traceroute-like actions under different protocols, fingerprint remote
operating systems, audit TCP/IP stacks, etc. hping3 is scriptable
using the TCL language.

-
Paketto
Unusual TCP/IP testing tools
The Paketto Keiretsu is a collection of tools that use new and unusual
strategies for manipulating TCP/IP networks. scanrand is said to be
faster than nmap and more useful in some scenarios.

This package includes:
* scanrand, a very fast port, host, and network trace scanner
* minewt, a user space NAT/MAT (MAC Address Translation) gateway
* linkcat(lc), that provides direct access to the network (Level 2)
* paratrace, a "traceroute"-like tool using existing TCP connections
* phentropy, that plots a large data source onto a 3D matrix

-

Packit
Network Injection and Capture
Packit is a network auditing tool. Its value is derived from its ability
to customize, inject, monitor, and manipulate IP traffic. By allowing you
to define (spoof) nearly all TCP, UDP, ICMP, IP, ARP, RARP, and Ethernet
header options, Packit can be useful in testing firewalls, intrusion
detection systems, port scanning, simulating network traffic, and general
TCP/IP auditing. Packit is also an excellent tool for learning TCP/IP.

-

ScanSSH
get SSH server versions for an entire network
The ScanSSH protocol scanner scans a list of addresses and networks for
running SSH protocol servers and their version numbers. Version 2.0 adds
support for scanning arbitrary ports and specifically open proxies. The
ScanSSH protocol scanner supports random selection of IP addresses from
large network ranges and is useful for gathering statistics on the
deployment of SSH protocol servers in a company or the Internet as whole.

-
p0f
Passive OS fingerprinting tool
p0f performs passive OS detection based on SYN packets. Unlike nmap
and queso, p0f does recognition without sending any data.
Additionally, it is able to determine the distance to the remote
host, and can be used to determine the structure of a foreign or
local network. When running on the gateway of a network it is able
to gather huge amounts of data and provide useful statistics. On a
user-end computer it could be used as powerful IDS add-on. p0f
supports full tcpdump-style filtering expressions, and has an
extensible and detailed fingerprinting database.

-

Misc Tools:
TCPTraceroute
A traceroute implementation using TCP packets
The more traditional traceroute(8) sends out either UDP or ICMP ECHO
packets with a TTL of one, and increments the TTL until the destination
has been reached. By printing the gateways that generate ICMP time
exceeded messages along the way, it is able to determine the path packets
are taking to reach the destination.

The problem is that with the widespread use of firewalls on the modern
Internet, many of the packets that traceroute(8) sends out end up being
filtered, making it impossible to completely trace the path to the
destination. However, in many cases, these firewalls will permit inbound
TCP packets to specific ports that hosts sitting behind the firewall are
listening for connections on. By sending out TCP SYN packets instead of
UDP or ICMP ECHO packets, tcptraceroute is able to bypass the most common
firewall filters.

Traceroute
Traces the route taken by packets over an IPv4/IPv6 network
The traceroute utility displays the route used by IP packets on their way to a
specified network (or Internet) host. Traceroute displays the IP number and
host name (if possible) of the machines along the route taken by the packets.
Traceroute is used as a network debugging tool. If you're having network
connectivity problems, traceroute will show you where the trouble is coming
from along the route.

Install traceroute if you need a tool for diagnosing network connectivity
problems.

Homepage:

Whois
the GNU whois client
This is a new whois (RFC 3912) client rewritten from scratch.
It is inspired from and compatible with the usual BSD and RIPE whois(1)
programs.
It is intelligent and can automatically select the appropriate whois
server for most queries.

The package also contains mkpasswd, a simple front end to crypt(3).

-

Rootkit Detection:

Chkrootkit
Checks for signs of rootkits on the local system
chkrootkit identifies whether the target computer is infected with a rootkit.
Some of the rootkits that chkrootkit identifies are:
1. lrk3, lrk4, lrk5, lrk6 (and some variants);
2. Solaris rootkit;
3. FreeBSD rootkit;
4. t0rn (including latest variant);
5. Ambient's Rootkit for Linux (ARK);
6. Ramen Worm;
7. rh[67]-shaper;
8. RSHA;
9. Romanian rootkit;
10. RK17;
11. Lion Worm;
12. Adore Worm.
Please note that this is not a definitive test, it does not ensure that the
target has not been cracked. In addition to running chkrootkit, one should
perform more specific tests.

-

RkHunter
rootkit, backdoor, sniffer and exploit scanner
Rootkit Hunter scans systems for known and unknown rootkits,
backdoors, sniffers and exploits.

It checks for:
- MD5 hash changes;
- files commonly created by rootkits;
- executables with anomalous file permissions;
- suspicious strings in kernel modules;
- hidden files in system directories;
and can optionally scan within files.

Using rkhunter alone does not guarantee that a system is not
compromised. Running additional tests, such as chkrootkit, is
recommended.

-

UnHide
Forensic tool to find hidden processes and ports
Unhide is a forensic tool to find processes and TCP/UDP ports hidden by
rootkits, Linux kernel modules or by other techniques. It includes two
utilities: unhide and unhide-tcp.

unhide detects hidden processes using three techniques:
- comparing the output of /proc and /bin/ps
- comparing the information gathered from /bin/ps with the one gathered
from system calls (syscall scanning)
- full scan of the process ID space (PIDs bruteforcing)

unhide-tcp identifies TCP/UDP ports that are listening but are not listed in
/bin/netstat through brute forcing of all TCP/UDP ports available.

This package can be used by rkhunter in its daily scans.

-

Secure Erase:
wipe
Secure file deletion
Recovery of supposedly erased data from magnetic media is easier than what many
people would like to believe. A technique called Magnetic Force Microscopy
(MFM) allows any moderately funded opponent to recover the last two or three
layers of data written to disk. Wipe repeatedly writes special patterns to the
files to be destroyed, using the fsync() call and/or the O_SYNC bit to force
disk access.

-

Undelete/Recovery:

Foremost
Forensics application to recover data
This is a console program to recover files based on their headers and
footers for forensics purposes.

Foremost can work on disk image files, such as those generated by dd,
Safeback, Encase, etc, or directly on a drive. The headers and footers
are specified by a configuration file, so you can pick and choose which
headers you want to look for.

-

e2undel
Undelete utility for the ext2 file system
Interactive console tool to recover the data of deleted files on
an ext2 file system under Linux. It does not require knowledge
about how ext2 file systems works and should be usable by
most people.

This tools searches all inodes marked as deleted on a file system and
lists them as sorted by owner and time of deletion. Additionally,
it gives you the file size and tries to determine the file type in
the way file(1) does. If you did not just delete a whole bunch of
files with a 'rm -r *', this information should be helpful to find
out which of the deleted files you would like to recover.

E2undel will not work on ext3 (journaling) filesystems.

Homepage: http://e2undel.sourceforge.net

-

Recover
Undelete files on ext2 partitions
Recover automates some steps as described in the ext2-undeletion
howto. This means it seeks all the deleted inodes on your hard drive
with debugfs. When all the inodes are indexed, recover asks you some
questions about the deleted file. These questions are:
* Hard disk device name
* Year of deletion
* Month of deletion
* Weekday of deletion
* First/Last possible day of month
* Min/Max possible file size
* Min/Max possible deletion hour
* Min/Max possible deletion minute
* User ID of the deleted file
* A text string the file included (can be ignored)

If recover found any fitting inodes, it asks to give a directory name
and dumps the inodes into the directory. Finally it asks you if you
want to filter the inodes again (in case you typed some wrong
answers).

Note that recover works only with ext2 filesystems - it does not support
ext3.

http://recover.sourceforge.net/linux/recover/

-

Port Scan Detection:

PSAD
The Port Scan Attack Detector
PSAD is a collection of four lightweight system daemons written in
Perl and in C that is designed to work with Linux firewalling code
(iptables in the 2.4.x kernels, and ipchains in the 2.2.x kernels)
to detect port scans. It features a set of highly configurable danger
thresholds (with sensible defaults provided), verbose alert messages
that include the source, destination, scanned port range, begin and
end times, tcp flags and corresponding nmap options (Linux 2.4.x
kernels only), reverse DNS info, email alerting, and automatic
blocking of offending ip addresses via dynamic configuration of
ipchains/iptables firewall rulesets.

In addition, for the 2.4.x kernels psad incorporates many
of the tcp signatures included in Snort to detect highly suspect scans
for:

* various backdoor programs (e.g. EvilFTP, GirlFriend, SubSeven)
* DDoS tools (mstream, shaft)
* advanced port scans (syn, fin, xmas) such as those made with nmap

Homepage: http://www.cipherdyne.org/

-
PortSentry
Portscan detection daemon
PortSentry has the ability to detect portscans(including stealth scans) on
the network interfaces of your machine. Upon alarm it can block the
attacker via hosts.deny, dropped route or firewall rule. It is part of the
Abacus program suite.

Note: If you have no idea what a port/stealth scan is, It's recommended to
have a look at http://sf.net/projects/sentrytools/ before installing this
package. Otherwise you might easily block hosts you'd better not (e.g. your
NFS-server, name-server, etc.).

-

Snort
Flexible Network Intrusion Detection System
Snort is a libpcap-based packet sniffer/logger which can be used as a
lightweight network intrusion detection system. It features rules
based logging and can perform content searching/matching in addition
to being used to detect a variety of other attacks and probes, such
as buffer overflows, stealth port scans, CGI attacks, SMB probes, and
much more. Snort has a real-time alerting capability, with alerts being
sent to syslog, a separate "alert" file, or even to a Windows computer
via Samba.

This package provides the plain-vanilla snort distribution and does not
provide database (available in snort-pgsql and snort-mysql) support.

-

Privilege escalation detection:
Ninja
Ninja is a privilege escalation detection and prevention
system for GNU/Linux hosts. While running, it will monitor
process activity on the local host, and keep track of all
processes running as root. If a process is spawned with
UID or GID zero (root), ninja will log necessary information
about this process, and optionally kill the process
if it was spawned by an unauthorized user.
A "magic" group can be specified, allowing members of this
group to run any setuid/setgid root executable.
Individual executables can be whitelisted. Ninja uses a
fine grained whitelist that lets you whitelist executables
on a group and/or user basis. This can be used to allow
specific groups or individual users access to setuid/setgid
root programs, such as su(1) and passwd(1).

Homepage: http://forkbomb.org/ninja

Filesystem Integrity:

Aide
Advanced Intrusion Detection Environment - static binary
AIDE is an intrusion detection system that detects changes to files on
the local system. It creates a database from the regular expression rules
that it finds from the config file. Once this database is initialized
it can be used to verify the integrity of the files. It has several
message digest algorithms (md5, sha1, rmd160, tiger, haval, etc.) that are
used to check the integrity of the file. More algorithms can be added
with relative ease. All of the usual file attributes can also be checked
for inconsistencies.

This package contains the statically linked binary for "normal"
systems.

You will almost certainly want to tweak the configuration file in
/etc/aide/aide.conf or drop your own config snippets into
/etc/aide/aide.conf.d.

Upstream URL: http://sourceforge.net/projects/aide

-

Integrit
A file integrity verification program
Integrit helps you determine whether an intruder has modified your
system. Without the use of integrit, a sysadmin wouldn't know if the
programs used for investigating the system are trojan horses or not.
Integrit works by creating a database that is a snapshot of the most
essential parts of the system. You put the database somewhere safe,
and then later you can use it to make sure that no one has made any
illicit modifications to your file system.

Integrit's key features are the small memory footprint, the design
with unattended use in mind, intuitive cascading rulesets for the
paths listed in the configuration file, the possibility of XML or
human-readable output, and simultaneous checks and updates.

See http://integrit.sourceforge.net/ for more information.

-

Debsums
Verify installed package files against MD5 checksums.
debsums can verify the integrity of installed package files against
MD5 checksums installed by the package, or generated from a .deb
archive.

-

Fcheck
IDS filesystem baseline integrity checker
The fcheck utility is an IDS (Intrusion Detection System)
which can be used to monitor changes to any given filesystem.

Essentially, fcheck has the ability to monitor directories, files
or complete filesystems for any additions, deletions, and modifications.
It is configurable to exclude active log files, and can be ran as often
as needed from the command line or cron making it extremely difficult to
circumvent.

-

SamHain
Data integrity and host intrusion alert system
Samhain is an integrity checker and host intrusion detection system that
can be used on single hosts as well as large, UNIX-based networks.
It supports central monitoring as well as powerful (and new) stealth
features to run undetected on memory using steganography.

Main features
* Complete integrity check
+ uses cryptographic checksums of files to detect
modifications,
+ can find rogue SUID executables anywhere on disk, and
* Centralized monitoring
+ native support for logging to a central server via encrypted
and authenticated connections
* Tamper resistance
+ database and configuration files can be signed
+ logfile entries and e-mail reports are signed
+ support for stealth operation

Homepage: http://la-samhna.de/samhain/index.html

-

SleuthKit
Tools for forensics analysis
The Sleuth Kit (previously known as TASK) is a collection of UNIX-based
command line file system and media management forensic analysis tools.
The file system tools allow you to examine file systems of a suspect
computer in a non-intrusive fashion. Because the tools do not rely on
the operating system to process the file systems, deleted and hidden
content is shown.

The media management tools allow you to examine the layout of disks and
other media. The Sleuth Kit supports DOS partitions, BSD partitions
(disk labels), Mac partitions, and Sun slices (Volume Table of
Contents). With these tools, you can identify where partitions are
located and extract them so that they can be analyzed with file system
analysis tools.

When performing a complete analysis of a system, we all know that
command line tools can become tedious. The Autopsy Forensic Browser is
a graphical interface to the tools in The Sleuth Kit, which allows you
to more easily conduct an investigation. Autopsy provides case
management, image integrity, keyword searching, and other automated
operations.

The Sleuth Kit's upstream homepage can be found at
http://www.sleuthkit.org/sleuthkit/.

-

Stealth
A stealthy File Integrity Checker
The STEALTH program performs File Integrity Checks on (remote) clients. It
differs from other File Integrity Checkers by not requiring baseline
integrity data to be kept on either write-only media or in the client's file
system. In fact, client's will contain hardly any indication at all that they
are being monitored, thus improving the stealthiness of the integrity scans.

STEALTH uses standard available software to perform file integrity checks
(like find(1) and md5sum(1)). Using individualized policy files, it is highly
adaptable to the specific requirements of its clients.

In production environments STEALTH should be run from an isolated computer
(called the `STEALTH monitor'). In optimal configurations the STEALTH
monitor should be a computer not accepting incoming connections. The account
used to connect to its clients does not have to be `root': usually
read-access to the client's file system is enough to perform a full integrity
check. Instead of using `root' a more restrictive administrative or
ordinary account might offer all requirements for the desired integrity
check.

STEALTH itself must communicate with the computers it should monitor. It is
essential that this communication is secure, and STEALTH configurations will
therefore normally specify SSH as the command-shell to use to connect to its
clients. STEALTH may be configured so as to use but one SSH connection per
client, even if integrity scans are to be performed repeatedly. Apart from
this, the STEALTH monitor might be allowed to send e-mail to remote clients
system's maintainers.

STEALTH-runs itself may start randomly within specified intervals. The
resulting unpredicability of STEALTH-runs further increases STEALTH's
stealthiness.

STEALTH's acronym is expanded to `Ssh-based Trust Enforcement Acquired
through a Locally Trusted Host': the client's trust is enforced, the locally
trusted host is the STEALTH monitor.

-

TripWire
file and directory integrity checker
Tripwire is a tool that aids system administrators and users in
monitoring a designated set of files for any changes. Used with
system files on a regular (e.g., daily) basis, Tripwire can notify
system administrators of corrupted or tampered files, so damage
control measures can be taken in a timely manner.

Have anything else worth mentioning? Please leave a comment

Expand full post here...

Summary only...

Did you ever try Apple's Time Machine for OSX? Well if you have and you like it, and switched from Apple to Linux you will want to give this nice little application a try, this application is currently being developed here at Google Code

How Does FlyBack work?

FlyBack is a snapshot-based backup tool based on rsync It creates successive backup directories mirroring the files you wish to backup, but hard-links unchanged files to the previous backup. This prevents wasting disk space while providing you with full access to all your files without any sort of recovery program. If your machine crashes, just move your external drive to your new machine and copy the latest backup using whatever file browser you normally use.

Note that this means you can selectively delete specific backups and still retain files stored in previous ones. (ie., you can delete tuesday's backup and keep monday's, without screwing up wednesday's)

Ways FlyBack Differs from Time Machine

1. There is no inotify mechanism in Linux, so FlyBack scans your entire directory structure when performing a backup.
2. No hard-linking

This morning I created a install package for everyone running gnome, it should work, let me know if you have any issues.

Lets get to installing shall we?

Click Here to install the necessary packages with apt-url or via Applications->Accessories->Terminal:
sudo apt-get install python python-glade2 python-gnome2 python-sqlite3 rsync python-pysqlite2

Click Here to download flyback to your desktop or any directory

Right Click on flyback.tar.gz and select "Extract Here.."

Once extracted enter the flyback directory

To Install double click install and select run, enter sudo password then click ok twice

To Uninstall double click uninstall and select run, enter sudo password then click ok twice

The slideshow is an good example of these steps.

Y can access Flyback via Applications->System Tools->flyback
-

(optional)Alternate svn install:

Make sure you have the following packages installed for your correct distro:

Debian:
sudo apt-get install python python-glade2 python-gnome2 python-sqlite3 rsync
Ubuntu:
sudo apt-get install python python-glade2 python-gnome2 python-sqlite3 python-gconf rsync
Redhat/Fedora:
yum install pygtk2 gnome-python2-gconf pygtk2-libglade python-sqlite3

Then download via svn you will need to:
sudo apt-get install subversion
svn checkout http://flyback.googlecode.com/svn/trunk/ flyback
cd flyback/src
To Run:
python flyback.py

Expand full post here...

Summary only...

Are you effected by this bug?
Lets find out first:
1. Login to user 1
2. Use the fast user switcher applet to login to user 2
3. Logout from user 2 session

Result : You get a white screen. You have to type your password and the white screen will disappears.

or
Try this:
1. Login.
2. Open a terminal and do "sleep 15 && zenity --question"
3. Hit Ctrl-Alt-F1 to get to a console.
4. Count to fifteen, slowly.
5. Hit Ctrl-Alt-F7 to get back to you gui session.
Expected result: zenity should have put up a question dialog-box.
Actual result: zenity's dialog-box is white.

If you get the following bug a fix has been released by Mario

Go to System --> Administration --> Software Sources and select the Third-Party Software tab. Click on Add and enter the following line:
deb http://ppa.launchpad.net/superm1/ubuntu hardy main

Then click on Add again and enter the following line:
deb-src http://ppa.launchpad.net/superm1/ubuntu hardy main

Click on Close, then on Reload. Shortly your software updater will indicate that there are updates available for compiz. Install them, restart your machine, and voila!

For more information on this fix and to follow the bug fix process please see bug 160264

Expand full post here...

Summary only...

Explore the world of the entertainer project:

Created with Admarket's flickrSLiDR.
Entertainer aims to be a simple and easy-to-use media center solution for Gnome and XFce desktop environments. Entertainer is written completely in Python using object-oriented programming paradigm. It uses GStreamer multimedia framework for multimedia playback. User Interface is implemented with Clutter UI-library, which allows sleek OpenGL animated user interfaces. Entertainer also uses other great projects like SQLite, pyIMDBb and iNotify.

The ultimate goal of the project is to create the best media center solution available for any platform. This means that Entertainer should be the best looking, most easy to use and most feature filled media center solution available. Not the easiest goal to achieve. It's a long way, but we have a good start here!
If you are interested in participating in the project, please send me an e-mail to lauri@taimila.com.
RSS-feed of the developer's blog. Get the latest news of the project easily!

Here are some Features:

Movies and TV-series

Music library

Photographs

RSS-reader

Themes

Entertainer supports themeing! Make your media center look just like you. Creating themes is relatively easy.



Howto Install in Hardy Heron!
Open a Terminal via Applications->Accessories->Terminal
Grab the dependencies...
sudo apt-get install python-notify python-feedparser python-pyvorbis python-pyogg python-eyed3 python-pysqlite2 python-gtk2 python-glade2 python-clutter python-pyvorbis python-imaging python-pyinotify python-imdbpy python-cairo-dev gtk-doc-tools python-cddb subversion

Lets grab the source:
svn checkout http://entertainer-media-center.googlecode.com/svn/trunk/ entertainer
Change to entertainer directory
cd entertainer
Lets copy the configs to our home:
cp cfg ~/.entertainer -R

Ok great! Still with me? word...

Lets set our media folders with this nice gui:
cd src
./entertainer-content-management.py
A window will pop up like this:
Click add in each tab to add your media folders, rss feeds, and weather!

Now once your done click close.

Lets execute the backend, which processes the media directories/gui:
./entertainer-backend.py
Once that is setup lets execute the Frontend which is our gui to play with :)
./entertainer-frontend.py

Now you will need the keybindings to play with the gui:

Entertainer can be controlled only with keyboard at the moment. Here is a list of all keys:

• F - Toggle fullscreen on/off
• P - Toggle pause/play when video or audio is playing.
• S - Stop playback
• H - Navigate to home screen. Press this anywhere and main menu will be displayed.
• I - Toggle information view when watching photograph in fullscreen mode
• 1,2,3,4 - Change video playback aspect ratio
• Arrow keys - Navigate menus
• Enter - Select current menu item
• Backspace - Navigate to previous screen

Please note that this is a pre-release and work in progress program, so it will have tons of bugs and will be slow, because it isnt optimized/finished yet.

Links:	Entertainer homepage Entertainer Code Page Entertainer WiKi! Entertainer on Launchpad!
Blogs:	Lauri Taimila's Blog Paul Hummer's Blog Joshua Scotton's Blog Matt Laymans's Blog

Please report bugs and issues at this link to help improve this awesome application

Expand full post here...

Summary only...

Here is an overview on howto use ufw the Uncomplicated Firewall:

Lets turn UFW on:
sudo ufw enable
When you initially turn the firewall on, it is in ACCEPT mode, and will accept everything incoming and outgoing until you make rulesets.

The simple syntax to allow an incoming/outgoing connection on a specified port to any host would be:
sudo ufw allow 53
To specify a protocol, append ’/protocol’ to the port. For example lets enable tcp connections on port 53 incoming/outgoing:
sudo ufw allow 53/tcp
or for udp
sudo ufw allow 53/udp
You can also allow by service name since ufw reads from /etc/services
Lets see what services are in /etc/services:
cat /etc/services | less

As an example lets allow ssh which is port 22
sudo ufw allow ssh

You can also use a fuller syntax, specifying the source and destination addresses and ports. This syntax is based on OpenBSD’s PF syntax. Which will deny all traffic to tcp port 22 on this host
ufw deny proto tcp to any port 22

To deny all traffic from the RFC1918 Class A network (10.0.0.0/8) to tcp port 22 with the address 192.168.0.1 we would use this:
ufw deny proto tcp from 10.0.0.0/8 to 192.168.0.1 port 22

If you want to deny all traffic from the IPv6 2001:db8::/32 to tcp port 80 on this host you would use:
ufw deny proto tcp from 2001:db8::/32 to any port 80

To delete a rule, simply prefix the original rule with delete. For example, if the original rule was:
ufw deny 80/tcp
Use this to delete it:
sudo ufw delete deny 80/tcp

Lets deny all access to port 80
sudo ufw deny 80
Lets allow all access to port 80
sudo ufw allow 80/tcp

Lets block a single host:
sudo ufw deny from 207.46.232.182
The above command blocked microsoft lol
Lets block microsoft's class b
sudo ufw deny from 207.46.0.0/16

Lets allow all access from RFC1918 networks(LAN/WLAN's) to this host:
sudo ufw allow from 10.0.0.0/8
sudo ufw allow from 172.16.0.0/12
sudo ufw allow from 192.168.0.0/16

Lets Deny access to udp port 139 from host 192.168.1.1:
sudo ufw deny proto udp from 192.168.1.1 to any port 139
The same thing above with tcp instead:
sudo ufw deny proto tcp from 192.168.1.1 to any port 139

Allow access to udp 192.168.1.1 port 22 from 192.168.1.100 port 22:

sudo ufw allow proto udp from 192.168.1.100 port 22 to 192.168.1.1 port 22

To check the status of ufw with the ports in the listening state use:
sudo ufw status

To disable ufw use:
sudo ufw disable

To enable logging use:
ufw logging on

To disable logging use:
ufw logging off

Fore more complete information please see the Ubuntu Wiki

Or read the man pages via Applications->Accessories->Terminal
Then type:
man ufw

Expand full post here...

Summary only...

Here is a collection of gnome panel applets that I have found in the repositories, installed applets can be viewed and added to your gnome panel via right click on an empty panel space then click "Add to Panel"

Click titles to install these applets automagically within firefox if your running Gutsy or Hardy Heron

Check these out:


Bubbling Load Monitoring
A GNOME panel applet that displays the CPU + memory load as a bubbling
liquid.
Homepage: http://www.nongnu.org/bubblemon/

Computer temperature
Computer Temperature Monitor is a little applet
for the GNOME desktop that shows the temperature
of your CPU and disks in the panel.
It also allows to log temperatures to a file and set alarms
to notify the user when a temperature is reached.
More information: http://computertemp.berlios.de/


Cpufire-Applet
A gnome panel applet showing the CPU load as a fire
A CPU load monitor, that comes as a gnome panel applet. CPU load is
displayed as a beautiful fire, the higher the flames the higher the CPU
load.

Drapes
a desktop wallpaper management application for the GNOME desktop
The aim of drapes is to complete (or replace) the built-in GNOME desktop
wallpapers selection tool. It can be configured as a tray application or as a
panel applet. The bigest selling point of drapes is the ability to rotate
wallpapers on a timely basis. It strives to be as simple as possible and
fits in the rest of the GNOME 2 desktop.
Project Homepage: http://drapes.mindtouchsoftware.com/

Gimmie
elegant desktop organizer
Gimmie is a desktop organizer. It's designed to allow easy interaction
with all the applications, contacts, documents and other things you use
every day. Gimmie can be run either as a stand-alone application
or added as a GNOME Panel applet.
Homepage: http://www.beatniksoftware.com/gimmie

GNOME IP display applet
Giplet is a simple GNOME panel applet that displays your computer's IP address.
The IP can be either the one of a specified interface or the external one.
Giplet can also be set to check periodically for IP address changes.
Homepage: http://giplet.sourceforge.net/

GlipperClipboard manager for the GNOME panel
is a GNOME panel applet. It maintains a history of text copied
to the clipboard from which you can choose. Supports a configurable
number and length clipboard entries and saving clipboard history on exit.
It also uses plugins to give the user all the extra functionality they
want, including support for Actions, Snippets and No-Paste services.
Homepage: http://glipper.sourceforge.net/

Gnome-Blog
GNOME applet to post to weblog entries
gnome-blog is a panel object (aka applet) that can post to weblogs using
bloggerAPI, advogato API, MetaWeblog API or LiveJournal API
It notably works with Blogger.com / Blogspot.com, Advogato.org, Movable Type,
WordPress, LiveJournal.com and Pybloxsom.

Gnome-Main-Menu
GNOME start menu applet
This applet provides a "start menu" for the GNOME desktop.
It features a list of favorite applications, and recently used documents.
It also integrates with the Beagle search tool to provide search facilities
from the start menu. It provides shortcuts for common system
administration actions and integrates with network-manager for network
status reporting.

Gnome randr applet
Simple gnome-panel front end to the xrandr extension to change desktop resolution
Gnome-randr-applet is a simple gnome-panel front end to the xrandr
extension found in XFree86 4.3+ releases.

Gnome Voice Control
Speech recognizer to control the GNOME Desktop
The gnome-voice-control is an applet software developed
to control the GNOME Desktop by voice.
Homepage: http://live.gnome.org/GnomeVoiceControl

Googlizer
A utility to search Google via your GNOME menu/panel
This is a very simple and very handy utility that just spawns the
configured GNOME browser with a Google search on whatever you have in
the X clipboard (whatever you last selected). It's not even an applet,
just a program with a launcher that's nice to put on the panel - drag
it there from the menu. It also includes support for a command line
option -u/--url, to specify an alternative URL to which the search
should be appended before opening.

Gspot
A GNOME applet to query the Net
A Gnome applet for Searching the web in a Practical, Outlined
and Tidy way. This uses the text in the copy/paste clipboard and uses
it as search string for querying web-search engines, dictionaries,
web databases, etc.

GTodo applet for the GNOME panel
gtodo-applet contains the applet of the GNOME "to do" list manager
(GTodo) for the GNOME panel, that provides you with ways to easily
open GTodo, or even check some of your to do items that are due
the current day without opening it.
Homepage: http://qball.homelinux.org/

Hardware Monitor applet for the Gnome panel
Hardware Monitor is a monitor applet for the Gnome panel. It supports
a variety of monitoring capabilities (CPU usage, network throughput
etc.) and different kinds of viewers (curves, bars, text, flames).

Music Applet
GNOME panel applet to control several music players
Music Applet is a small, simple GNOME panel applet that lets you control a
variety of different music players from the panel. Music Applet provides
easy access to information about the current song and the most important
playback controls.
Music Applet currently supports Rhythmbox, Banshee and Muine and many others.

GNOME2 Network Load Applet
A simple textual network load monitor for the GNOME panel.
It shows the number of incoming/outgoing packets for the selected
interface.

It is not possible to watch two network interfaces with this applet.
If you need this feature I suggest you try the 'netspeed' applet which
is very similar but more advanced, or 'gnome-netstatus-applet' the official
Gnome2 applet for network monitoring.
Homepage: http://www.demonseed.net/~jp/code/netmon_applet/

NetSpeed
Traffic monitor applet for GNOME
Netspeed is an applet for the GNOME panel that shows how much traffic
occurs on a network device (ethernet card, wireless LAN card, or
dial-up).

OnTV
GNOME Applet for monitoring current and upcoming TV programs
OnTV is a GNOME Applet written in Python using PyGTK, it uses XMLTV files
to monitor current and upcoming TV programs. Features include:

* Program descriptions as tooltips.
* Remaining time of/until current and upcoming programs.
* Program search dialog with incremental search.
* Global keybindings for most common actions.
* Program reminders.
* and more...

Resapplet
A small applet to change your screen resolution
It uses XRANDR on-the-fly as well as GNOME Resolution Preferences.
Handy for laptops when using data projectors which only run at 1024x768.

Gnome Sensors Applet:
Display readings from hardware sensors in your Gnome panel
GNOME Sensors Applet is an applet for the GNOME panel that displays
readings from hardware sensors, including temperatures, fan speeds and
voltage readings.
It can gather data from the following sources:
* ACPI thermal zones, via the Linux kernel ACPI modules
* Linux kernel i2c modules
* lm-sensors (libsensors)
* Linux kernel i8k module (for Dell Inspiron Laptops)
* Linux kernel ibm-acpi module
* Linux kernel PowerPC modules therm_adt746x and therm_windtunnel
* Linux kernel iMac G5 Windfarm module
* hddtemp daemon for reading temperatures from S.M.A.R.T. equipped hard disks
* Linux kernel Omnibook module
* NVIDIA graphics cards
* Linux kernel sonypi module (for Sony Vaio laptops)
Alarms can be set for each sensor to notify the user once a certain high or
low value has been reached, and can be configured to execute a given command
at given repeated intervals.

SSHMenu for Gnome Panel:
A GNOME panel applet for connecting to hosts using SSH
sshmenu-gnome puts all your most frequently used SSH connections on a menu
in your GNOME panel. Click on a host name to open a new gnome-terminal
window with an ssh connection to the selected host. Set up options for
port forwarding, etc. using the preferences dialog.

Timer Applet
timer applet - a countdown timer applet for the GNOME panel
Features include:
* Quickly set a time and the applet will notify you when time is up
* Create presets for quick access to frequently-used times
* Small and unobtrusive. Choose to either view the remaining time right in
the panel or hide it so you don't get distracted by the countdown.
* Add multiple Timer Applets to the panel to have multiple timers running
simultaneously
* User interface follows the GNOME Human Interface Guidelines

TopShelf
current files applet for GNOME
TopShelf is a simple GNOME applet which provides a place to store the
files the user is currently working on (not right now, but in general,
in a period of time). Unlike a real shelf, however, TopShelf just
links to the files; it doesn't contain them.
The concept of TopShelf is to contain files that are put there by the
user, as opposed to the 'recent files list' which is automatically
managed. For example, the top shelf might contain a story the user is
currently writing; a project for school or for work, a diary, etc. On
the other hand, music and video files would typically not be in the
top shelf (since they cycle very fast), but they would appear in the
recent files list.

Webboard Pastebin submit Applet
Copy and paste to a public pastebin server
Publish text notes and source code on a pastebin server
for collaborative debugging.
WebBoard includes a stand alone app and an applet for the
GNOME panel.


Repetitive Strain Injury (RSI) prevention tool
Workrave is a program that assists in the recovery and prevention of
Repetitive Strain Injury (RSI). The program frequently alerts you to
take micro-pauses, rest breaks and restricts you to your daily limit.

It includes a system tray applet that works with Gnome and KDE
and has network capabilities to monitor your activity even if
switching back and forth between different computers is part of your
job.

Workrave offers many more configuration options than other similar
tools.

Expand full post here...

Summary only...

I just seen a nice little widget here on my rss feed this morning that is pretty nice, its called weatherbug, Now you can Receive all the benefits of live weather streamed to your Linux Desktop!

Lets install weatherbug:
Click here to download weatherbug to your desktop, then double click weatherbug-1.0-1.deb and click install after entering your sudo password

You can access WeatherBug via Applications->Accessories->Weatherbug

Optionally you can set it up to auto start by clicking System->Preferences->Sessions
Click add enter name weatherbug then enter command weatherbug, click ok, then close and it should load up on startup!

View my slideshow above to learn how to use it!

Official Support forum here
Get newer or updated packages here

Expand full post here...

Summary only...

Here I will unleash a few hidden settings that should improve your internet speed, and work with all current linux operating systems including Ubuntu:
first open a Terminal via Applications->Accessories->Terminal
Type:
sudo gedit /etc/sysctl.conf
Then Paste the Following at the end of the file:
# increase TCP max buffer size setable using setsockopt()
net.core.rmem_max = 16777216
net.core.wmem_max = 16777216
# increase Linux autotuning TCP buffer limits
# min, default, and max number of bytes to use
# set max to at least 4MB, or higher if you use very high BDP paths
net.ipv4.tcp_rmem = 4096 87380 16777216
net.ipv4.tcp_wmem = 4096 65536 16777216
# don't cache ssthresh from previous connection
net.ipv4.tcp_no_metrics_save = 1
net.ipv4.tcp_moderate_rcvbuf = 1
# recommended to increase this for 1000 BT or higher
net.core.netdev_max_backlog = 2500
# for 10 GigE, use this, uncomment below
# net.core.netdev_max_backlog = 30000
# Turn off timestamps if you're on a gigabit or very busy network
# Having it off is one less thing the IP stack needs to work on
#net.ipv4.tcp_timestamps = 0
# disable tcp selective acknowledgements.
net.ipv4.tcp_sack = 0
#enable window scaling
net.ipv4.tcp_window_scaling = 1
Press Ctrl-S To save then alt-F4 to exit and then type:
sudo sysctl -p
to apply the settings.

Hitup a speed test site or a very healthy torrent and see how your speed is:

You can disable all these settings by removing these lines you added via:
sudo gedit /etc/sysctl.conf

You can recieve more information here

Have any additional tips to add? Please post in the comments!

Expand full post here...

Summary only...

Do you need to limit an applications upload/download speed? Or give priority to certain applications? I will introduce you to two different traffic shaping applications that you can install from the repository.

What does Wondershaper do?

wondershaper is a traffic shaping script that provides low latency, prioritizes bulk transfers below normal web traffic, prioritizes interactive shells above normal web traffic, and attempts to prevent upload and download traffic from affecting each other’s ack
packets. Put simply, the wondershaper makes your internet connection more "responsive"

More info:

* Maintain low latency for interfactive traffic at all times

This means that downloading or uploading files should not disturb SSH or even telnet. These are the most important things, even 200ms latency is sluggish to work over.

* Allow 'surfing' at reasonable speeds while up or downloading

Even though http is 'bulk' traffic, other traffic should not drown it out too much.

* Make sure uploads don't harm downloads, and the other way around

This is a much observed phenomenon where upstream traffic simply destroys download speed. It turns out that all this is possible, at the cost of a tiny bit of bandwidth. The reason that uploads, downloads and ssh hurt each other is the presence of large queues in many domestic access devices like cable or DSL modems.

Howto use Wondershaper:
Install wondershaper via searching synaptic or click here to install with 1 click
Open a Terminal via Applications->Accessories->Terminal
First figure out how much bandwidth you want to cap it to in kilobits
Of course you should calculate the above settings to what you prefer to shape
Now once you have the download/upload amounts in kilobits lets shape our traffic:
wondershaper wlan0 1536 128
Replace wlan0 with your interface, 1536 with your downlink speed, and 128 with your uplink speed.

Check the status of wondershaper:
sudo wondershaper ifacename

Howto disable shaping on specified interface:
sudo wondershaper clear ifacename


Now I will introduce you to Trickle:
Click Here to install trickle
Trickle is a lightweight traffic limiter for applications like wget, firefox, and any other user space internet application.

Trickle is handy for limiting single applications upload and download speeds, what it does is starts the application in a speed limited sandbox.

In short

trickle is a portable lightweight userspace bandwidth shaper. It can run in collaborative mode (together with trickled) or in stand alone mode.

trickle works by taking advantage of the unix loader preloading. Essentially it provides, to the application, a new version of the functionality that is required to send and receive data through sockets. It then limits traffic based on delaying the sending and receiving of data over a socket. trickle runs entirely in userspace and does not require root privileges.

Here are a few examples:

wget example that limits the download speed to 30 KB/s
trickle -d 30 wget http://somerandomdownloadsite.com/filetodownload

Pidgin example that limits the upload/download speed of filetransfers
trickle -u 30 -d 30 pidgin

Firefox Example that limits download/upload browsing speed as well as file transfer speed:
trickle -d 30 -u 30 firefox

As you see above the -d operator means download speed and 30 is the KB/s that is specified and can be changed to whatever you choose, the -u operator is the upload speed in KB/s

References:
Trickle Developer site
Wondershaper Dev site

Expand full post here...

Summary only...

The other day my girlfriend was surfing on myspace tv and youtube and firefox kept on randomly closing on her, and she said to me... Firefox sucks, and so does ubuntu, so im like nah it doesnt suck, its just a bug that all applications have that needs to be fixed, she said to me... "a bug" like a virus?... lol I said no, just a mistake in the developers implementation/port for linux that I will fix for you this weekend, so she said ok, and I searched launchpad and fixed the issue..
Here is what I found:

It seems Flash has a compatibility issue with pulseaudio and randomly crashes on most flash sites, it really sucks, and it angers my friends to the max. What this fix will do is grey out the flash area when flash itself crashes and leaves firefox or another browser alone so you are able to save your work and restart your browser safely. Alternatively you may want to use swfdec or gnash and I have provided a easy 1-click solution after this quick fix:

This is a quick fix that will require the terminal: Applications->Accessories->Terminal
wget http://launchpadlibrarian.net/13470096/nspluginwrapper_0.9.91.5-2ubuntu2_i386.deb
sudo dpkg -i nspluginwrapper_0.9.91.5-2ubuntu2_i386.deb
sudo apt-get remove --purge flashplugin-nonfree
sudo apt-get install flashplugin-nonfree

This should fix the issue of crashing your browser, alternatively you may want to try a different free flash player like swfdec, or gnash if you just watch videos and play movies. Swfdec and Gnash are more secure and not vulnerable to the same bugs/exploits as Adobe flash because it is opensource and you will notice that these alternatives use less ram/cpu power as well. The only issue I have had with the free flash players is that you cannot upload or use web forms, which I rarely use anyways.

Howto: Get rid of Adobe Flash and install a free flash player!

Make sure you remove flashplugin-nonfree if you intend to use these flash alternatives:
sudo apt-get remove --purge flashplugin-nonfree

Click here to install swfdec adobe flash alternative

Click here to install the gNash Adobe Flash Alternative!

If the above solution's do not work for you please see the official bug report here

Expand full post here...

Summary only...

This morning I stumbled to a good /. article:
paleshadows writes "Pidgin, the premier multi-protocol instant messaging client, has been forked. This is the result of a heated, emotional, and very interesting debate over a controversial new feature: As of version 2.4, the ability to manually resize the text input area has been removed; instead, it automatically resizes depending on how much is typed. It turns out that this feature, along with the uncompromising unwillingness of the developers to provide an option to turn it off, annoys the bejesus of very many users. One comment made by a Professor that teaches "Collaboration in an Open Source World" argued that 'It's easy to see why open source developers could develop dogmas. [...] The most dangerous dogma is the one exhibited here: the God feature. "One technological solution can meet every possible user-desired variation of a feature." [...] You [the developers] are ignoring the fan base with a dedication to your convictions that is alarmingly evident to even the most unobservant of followers, and as such, you are demonstrating that you no longer deserve to be in the position of servicing the needs of your user base.'" Does anyone besides me find this utterly ridiculous?

I personally think this is rediculous on pidgin's part for not fixing these serious, popular issues and fortunately you can grab this fork with this much needed feature fixed.

Features:

• Every feature Pidgin has... plus:
• "Entry area manual sizing" a plugin by Artemy Kapitula that allows manual resizing of the entry area.
• An option to set the size of the buddy icons displayed in the chat window.
• An option to let the window manager place new windows.
• Two different ways of seeing that your buddies are typing.
• An optional send button for Tablet PC users.

Howto Install FunPidgin:

First lets remove pidgin, dont worrie about your saved passwords/convo's because funpidgin uses the same settings directory.
sudo apt-get remove pidgin-data pidgin libpurple0
Now that pidgin is removed lets install FunPidgin, click link or use wget:
wget http://superb-west.dl.sourceforge.net/sourceforge/funpidgin/funpidgin_2.4.1-0ubuntu1_i386.deb
Now lets Install:
dpkg -i funpidgin_2.4.1-0ubuntu1_i386.deb
Or double click the file above where you downloaded and and enter sudo pw, then click install.

You can access funpidgin via Applications->Internet->Pidgin

Funpidgin also supports other operating systems:

• The Redhat package was built on Archlinux. For this reason it is optimized for i686. The package was made using the Checkinstall spy which simplifies the often tedious process of listing files and dependencies for an RPM. Again, you may have to uninstall a few existing packages or move a few files around on certain Redhat based systems.
• Fedora users will probably prefer the proper Fedora 8 packages recently contributed by William J Bacher. They provide the all the changes Funpidgin has made to the Pidgin codebase. The official packages for libpurple and finch can be used with these because libpurple and finch are still the same in Funpidgin as they are in Pidgin.
• The Windows installer was built using mingw and cygwin as per the official instructions. It should behave exactly like the Windows version of Pidgin.

Please support Funpidgin by making suggestions, and submitting bugs by visiting their site here

Expand full post here...

Summary only...