An interesting marketing campaign by Red Hat

What does a company whose main (or only) source of income is from providing services and support for its products to enterprises do when its territory is threatened by competition ? It embarks on a massive marketing campaign highlighting its advantages over similar services and products offered by its competition.

That is exactly what Red Hat is doing but with a difference. It is actively using the free resources available on the Internet to kick start its advertising campaign. More specifically, it has uploaded a collection of videos on Youtube which highlight the advantages of using its latest offering Red Hat Enterprise Linux ver 5.0. The videos are in the garb of "Technology Lessons" and are short, to the point and quite entertaining to watch.

IPCOP Firewalls - Closing borders with Open Source

IPCop is a GPLed firewall solution targeted at Small Office/Home Office network. It is favored by many for its ease of configuration and setup and its support for a variety of features that you would expect to have in a modern firewall. IPCop is famed for letting users setup a sophisticated firewall for ones network without ever having to write an iptables rule themselves.

The book titled "Configuring IPCOP Firewalls" published by Packt Publishing is authored by two people Barrie Dempster and James Eaton-Lee and is divided into 11 chapters. The first chapter gives a brief introduction to firewalls and explains technical concepts such as OSI reference model, an introduction to TCP/IP and a brief outline of the parts that comprise a network. Even though I did not find anything new in this chapter, I realized that this is meant for people who are new to the world of computer networks and aims to bring them upto date with the various technologies associated with it. A network administrator intending to pick up skills in configuring and setting up IPCOP, can circumvent this chapter and directly go to the second chapter which gives an introduction to IPCOP - its different features, and in which all ways it can be effectively used.

The authors have explained the concepts in an easily understood way with the aid of necessary screen-shots. One of the salient features of IPCOP is its web based interface which allows one to configure all aspects of it from a remote location. In fact, IPCOP is designed to be controlled from a remote location and serves all its configuration parameters via the Apache web server. In the second chapter, one gets to know all the features of IPCOP including the different services it offer.

One thing that struck me while going through this book was that the authors are fully immersed in explaining the configuration aspects of IPCOP which is done entirely via the web interface. So much that other than the first chapter - "Introduction to firewalls", the third chapter titled "Deploying IPCop and Designing a network" and the 10th chapter titled "Testing, Auditing and Hardening IPCop" where the readers are made to digest some theory, the rest of the book is a how-to sort of book which I found to be ideally suited - especially for people who are the least bothered about theory and just want to set up IPCop and get on with what ever they were doing.

In the third chapter, we are introduced to the unique feature used by IPCop to segregate the network depending upon its vulnerability. And in the succeeding chapter, the authors walk one through installing IPCop on ones machine. Here each and every installation step is explained with the help of a screenshot which makes understanding the procedure much more intuitive.

The chapter titled "Basic IPCop Usage" gives a good introduction to the web interface provided by IPCop. Reading this chapter, I was able to get a good feel for the IPCop interface. More specifically, one gets to know how to configure IPCop to provide different services such as DHCP server, support for Dynamic DNS, editing the hosts file and so on. Mind you, the IPCop interface is quite rich in functionality even providing options to reboot or shutdown the machine remotely. In this chapter, apart from the introduction to the web interface, the authors have also provided a few tips related to logging in to the remote machine running IPCop using SSH.

Put in simple terms, IPCop is a specialized Linux distribution which contain a collection of tools which revolve around providing robust firewall capabilities. The tools bundled with IPCop range from the ubiquitous iptables, services such as DNS, DHCP to tools which specialize in intrusion detection such as snort. The sixth chapter titled "Intrusion Detection with IPCop" explains the concept of intrusion detection and how one can use snort IDS bundled with IPCop to effectively find out what is passing through our network and thus isolate any harmful packets.

From there, the book moves on to explain how to use IPCop to set up a virtual private network (VPN). By way of an example, the authors explain how to setup a VPN between two remote networks with each end having a IPCop firewall in place. This chapter covers different VPN scenarios such as host to net, net to net connections as well as configuring IPCop to detect the Certifying Authority certificates.

The 8th chapter is a rather short one which explains how to effectively use proxying and caching solutions available in IPCop to manage the bandwidth.

One of the biggest advantages of IPCop is that it is possible to extend it to provide additional features by way of addons. Addons are generally developed by third parties and are usually developed with an aim to provide a feature that the developers of IPCop have missed. There are a whole lot of addons available for IPCop. The 9th chapter introduces the most popular addons available for IPCop such as SquidGuard - a content filtering addon, LogSend - an addon which send the IPCop logs to remote email accounts, AntiSpam, integrating ClamAV anti virus solution and more. The authors have also explained how to install and enable these addons using the IPCop web interface.

As I said earlier, the tenth chapter titled "Testing, Auditing and Hardening IPCop" has more of a theoretical disposition where the authors list some of the common attributes towards security and patch management and also some of the security risks and a few common security and auditing tools and tests.

Book Specifications
Name: Configuring IPCop Firewalls
ISBN No: 1904811361
Author: Barrie Dempster and James Eaton-Lee
Publisher: Packt Publishing
Price : Check the latest price at Amazon.com
Rating: A very good book to pick up skills in configuring firewalls using IPCop

One thing I really like about this book is the practical approach taken by the authors in explaining how to accomplish a certain task. Each section is accompanied by the relevant screenshots of the web interface with a brief explanation of the options available. The book is well designed with a number of tips provided in each section highlighted in big square brackets which makes it quite eye catching. Even though I found the book a bit short on theory, it is an ideal resource which provides a hands on approach to people who are more interested in installing and setting up IPCop firewall solutions in ones network rather than pondering about the theoretical concepts of the same.

A University to learn more about batteries

In this age, most of mankind are very much subservient towards power - the electrical kind. In fact, we cannot think of a situation where we are left for want of power. Think of all those mobile devices, be it laptops, mobile phones, PDAs, music players, radios, automobiles ... the list goes on, they all have one thing in common which is the ubiquitous battery.

What many don't realize is that there are different kinds of batteries. For instance, the nickel based battery, the lithium-ion kind, lead acid battery and so on. And each of them have their own pros and cons. And to enlighten us about the difference between these variety of batteries, a portal has been created called batteryuniversity.com. Here you can learn the basics of every battery, getting the most from your batteries and lastly the people behind this very useful website which caters to a niche but useful subject as the batteries.

Now you tell me if there is even a single GNU/Linux user who does not find use for a battery....

Email encryption tools for Gmail galore

One of the most useful email encryption programs you can use is PGP (Pretty Good Privacy) or if you are like myself, a Free software supporter then you can use its GPLed counterpart called GnuPG (GPG). But with web mail gaining popularity, most people will find the use of these programs to encrypt or even sign their outgoing emails a chore.

Here is where browser plugins come into the picture. Dimitri Popov at linux.com has written a very useful article where he explains how to use the email encryption Firefox plugin called FireGPG to encrypt all your mails in your Gmail account. While KDE users will be aware of and have used KGPG - the front end tool for GnuPG, FireGPG is different in that, as a plugin, it is well integrated with your Firefox web browser and so you need not go outside your Gmail web interface to encrypt, decrypt or sign your mail. It can be done on the fly.

While on this topic of email encryption, I also came across a couple of projects which allow encryption of messages - not preferably emails. They are as follows :

Pidgin-Encryption - It transparently encrypts your instant messages with RSA encryption. It is Easy-to-use, but very secure. Pidgin (aka Gaim) is an instant messenger client for Linux which is used to connect to Yahoo messenger, Microsoft Messenger, AOL talk and many other instant messaging protocols.

OTR - Short for Off The Record messaging allows you to have private messaging using instant messaging and provides the following features - encryption of messages, authentication and deniability. It is also a pidgin plugin.

Gmail S/MIME is another project which provides Firefox users with S/MIME support for Gmail. S/MIME stands for Secure Multi purpose Internet Mail Extensions. S/MIME support is integrated directly into Google's Gmail web interface. It supports reading and sending of encrypted mail.

Lastly, check out this online javascript solution which encrypts and de-crypts your messages using a uniquely generated RSA private key. This project has been developed by the students of Stanford University.

Nearthwort Obtain interviews Richard M Stallman - a transcript of the interview

Nearthwort Obtain is a website with a difference. While most websites concentrate on providing content in the form of text and graphics, this site's principal content is in the form of podcasts. That is right, it features interviews with famous personalities which you can listen to. And the quality of the content is also quite high. Nearthwort obtain is the brain child of Marc Fiszman who calls his podcast website the "Multidimensional Adventurer's Handbook".

Marc recently interviewed none other than Richard . M . Stallman, founder of the Free Software Movement. This is the transcript of an excerpt from this interview - made available with prior permission from Marc.

Interview with Richard . M . Stallman

Nearthwort Obtain interviews Richard M Stallman, the founder of the Free Software Movement and the man who put the GNU into GNU/Linux. There are two main parts to this interview. In part I, Richard introduces Free Software and explains what that is all about. And that leads into some quite heavy criticisms of the popular tech heroes, well they are probably heroes of quite a few you out there certainly not of Richard's. The first is lord of Linux, Linus Torvalds and next stop is Steve Jobs of Apple who, Richard claims, is as evil as Microsoft. In the second part of the interview, we move into some multidimensional discussions which focuses on the impact of freedom on the evolution of consciousness.

Marc : Could you briefly explain what you mean by the definition of Free Software ? There may be a lot of tech savvy people who will be listening to the show and they won't be aware of what that means and your involvement with that.

RMS: First of all, Free refers to Freedom here and not price. So you should think of Free speech and not free beer. When you understand the proper meaning of the word Free, you understand Free software. Free software means software that respects the user's freedom. It is not a matter of what the program does in the technical sense, but it is a matter of the social system that the program's developers use. In fact the social system respects your freedom, then it is free software. It is decided by the program's life and not it's code. Any program could be free software but most of them are not. So specifically, Free software means you the user has four essential freedoms.

Freedom 0 : Run the program as you wish
Freedom 1 : the freedom to study the source code and change it to do what you wish
Freedom 2 : the freedom to distribute the copies of the program to others.
Freedom 3 : the freedom to distribute copies of your modified versions as you wish

If the program gives you these four freedoms, it is Free software. If one of them is substantially missing, then it is proprietary software or user subjugated software and that shouldn't exist.

Marc: And what is the difference between Free software and open source software ?

RMS: The term open source was coined many many years later by people who were in the Free Software community and liked Free software but they didn't like the ethical and political approach of the Free software movement. They liked Free software in a practical sense. They appreciated it , they enjoyed the benefits of these freedoms. They didn't want to use the term freedom, they didn't want to look at these as an ethical question. they didn't want to ask whether it is wrong for a program not to respect your freedom.

So they coined another term more or less saying category software. That which enabled them to take a purely practical approach to the question. So they have an official definition of open source which is pretty similar to the definition of Free software in its practical resolve of those differences and they encourage the saying 'practice' but they don't say it is an ethical area instead they present practical benefits only. they present the question as purely practical.

They don't say that ethically speaking, software should be open source but we say that ethically speaking software should be Free.

Marc: Are you saying that Free software is a political movement where as open source is not ?
RMS: Absolutely.

Marc: But I have listened to another interview that you gave to about a year ago. I think you were talking about the development of the famous project Linux developed by Linus Torvalds.

RMS: He is in the open source camp.

Marc: Do you have beef with him or do you get along with him ?

RMS: Well we still have some disagreement because in the past few months he has been actively ridiculing the idea of freedom as something that shouldn't exist.

Marc: And that is your main problem with him...
RMS: Absolutely.

Marc: He claims that he doesn't take a political stand. Right?

RMS: He calls himself apolitical. I call him amoral.

But when you say that you are apolitical, that is itself a kind of political stand that is, ignore all those political questions.

Marc: Why should we care about Free software.

RMS: If you are using computers and using software and if you are using software which is not free, then you don't control what it does. Not you personally and not your whole community. A non-free program is controlled by its developer. The developer decides what it will do and also decides what it won't do. And so it is a tool for the developer to maintain control over society, to gain a power of the kind nobody should have. It is dangerous for the society to allow people, to allow anyone that kind of power. Someone I am not sure who it was, said code is law. What it means is that if you are doing software then the software decides what you are allowed to do. So that has the effect of being laws. These laws are being written by software companies which they can arbitrarily decide by fiat, the laws that are bound to you if you use that non-free software. I don't.

You can listen to the rest of this interesting interview where RMS apart from talking about Free software explains why Apple is as evil as Microsoft.

What does /etc stands for in Linux/Unix ?

There is a discussion going on over at Slashdot regarding what /etc in Linux/Unix stands for. Is it an acronym or does it stand for 'et cetera' ? While the opinion is divided, the overwhelming thought is that it stands for et cetera. That is, what ever data which doesn't belong to other directories are put into /etc. Such as the 'motd' file (which stands for "Message Of The Day"). Many of us also look at /etc as a placeholder for the configuration files of programs which we run on our system.

If you look at the Linux file hierarchy, you find the following :

• /bin - common binaries
• /sbin - Binaries used for system administration are placed here.
• /boot - static files of the boot loader. Usually it contain the Linux kernel, Grub boot loader files and so on.
• /dev - device files such as your CD drive, hard disk, and any other physical device. (In Linux/Unix, the common premise is that everything is a file).
• /home - user home directories are found here. In unices like FreeBSD, the home directories are found in /usr/home. And in Solaris it is in /export. So quite a big difference here.
• /lib - Essential shared libraries and kernel modules
• /mnt - temporary mount point useful for when you insert your USB stick and it gets mounted under /mnt. Though in Ubuntu and the likes, it is usually mounted under /media.
• /var - variable data, such as logs, news, mail spool files and so on which is constantly being modified by various programs running on your system.
• /tmp - temporary files are placed here by default.
• /usr - the secondary hierarchy which contain its own bin and sbin sub-directories.
• /etc - Usually contain the configuration files for all the programs that run on your Linux/Unix system.
• /opt - Third party application packages which does not conform to the standard Linux file hierarchy can be installed here.
• /srv - Contains data for services provided by the system.
  

And of course there is the /proc directory which does not actually reside on the disk.

The file system hierarchy standard [FSHS] explains /etc as follows :

The /etc hierarchy contains configuration files. A "configuration file" is a local file used to control the operation of a program; it must be static and cannot be an executable binary.

It further goes on to say :

No binaries may be located under '/etc'. And the following directories, or symbolic links to directories are required in /etc:

opt Configuration for /opt
X11 Configuration for the X Window system (optional)
sgml Configuration for SGML (optional)
xml Configuration for XML (optional)

While this is the long and short of the matter, some believe that '/etc' is indeed an acronym and stands for "Editable Text Configuration". Oh well, the media is still not out with the verdict.

Free Open Solaris starter kit

Two months back, I had gustily bought the news of the free Sun Solaris media kit which consisted of a set of 3 DVDs which contained the Solaris OS for the Sparc and Intel architectures as well as Java software goodies. And as a follow up, I had posted a couple of photos of the media kit I received as well. Now it is OpenSolaris which is handing out free DVDs. But the OpenSolaris give away is more exciting for a number of reasons.

The OpenSolaris media kit, which they chose to call the starter kit consists of a set of two DVDs and a mini book. You heard right, they have also included a booklet which contain a collection of tutorials and documentation which will be of use to OpenSolaris neophytes. The DVDs will contain apart from the Solaris Express, the community built images of three distributions of OpenSolaris namely Nexenta OS, Belenix and SchilliX as well as OpenSolaris source code. You will also find the Sun Studio compilers included in the offering. You can order your copy of the starter kit here. I may also add that you need to register first to place the order.

In all respects these are very good times for Solaris users as Sun Microsystems is going on a limb to sustain the excitement towards its software products by developers and users alike and ensure that its legacy does not wither away. A good move in these fast changing times. Now I am waiting for the day when they will release Solaris under the GPL v3 license.