Skip Navigation
Orange Steel
  • Dumb, dumber an dumbest?

  • Bean license type
  • Thank you for your answer.

  • Bean license type

    Hi,

    Couldn’t find anything related to the code you are writing, so I thought I’d address the elephant in the room: how is your code licensed? Can your code be reviewed?

    2
    The Keychron K11 pro finally arrived
  • Poor thing, it got broken in the mail! Hope you got insurance...

    /s

  • Stay in school
  • Technically they didn’t name the cow… Soooo…

  • Antivirus recomendations
  • The problem with AV s/w in my experience, is that they do not work very well, and hinder the system’s functioning, because they provide duplicate behaviour of existing solutions and compete with them directly.

    In one instance I discovered McAfee to disable write access to /etc/{passwd,shadow,group} effectively disabling a user to change their password. While SELinux will properly handle that by limiting processes, instead of creating a process that would make sure those files aren’t modified by anyone.

    People need to understand Linux comes pre-equipped with all the necessary tools and bolts to protect their systems. They just don’t all live in the same GUI, because of the real complexity involved with malware…

  • Antivirus recomendations
  • Security is a process, not a solution.

    Well put!

  • Antivirus recomendations
  • I personally do not know ufw, but if it does what it must, then you’re solid.

    Linux is also about choices: do stuff the way you choose to, and makes you comfortable.

  • Backups, backups, backups. A learning process (and small rant).
  • My bad! Thanks for pointing out my typo

  • Antivirus recomendations
  • The main one everybody uses at least from my knowledge and from what I've used over the last 13 years is UFW. That is what you want to use.

    I could easily say that for firewalld… 😃

    Ufw is typically available/pre-installed with Debian based systems (Debian, Ubuntu, zzz), while Firewalld is typically available on Red Hat Enterprise Linux and derivates (Fedora, CentOS, Rocky, …)

    But it boils down to what you prefer, really.

  • Antivirus recomendations
  • I see that both UFW and firewalld are recommended... is it basically OK whichever I choose?

    Yes. Whichever works for you should be fine. In the end you should be able to manage it

  • Backups, backups, backups. A learning process (and small rant).
  • Look into restic, it doesn’t do exactly what you want, but it’s a very powerful backup server and standalone tool

    edit typo

  • Antivirus recomendations
  • Yes, usually you configure your endpoint firewall to block incoming traffic, while allowing all outgoing.

    Unless you’re in a very secure zone, like DMZ’s.

  • Antivirus recomendations
  • A very good point I forgot! Only use trusted software repositories!

  • Antivirus recomendations
  • ebtables and iptables can be very complex. And I failed my 1st RHCE exam because of them. But once you learn, you will never unlearn, as they are quite beautifully crafted. You just need to get into the mindset of the people who wrote the tools…

    Look into firewalld It has a rather simplified cli interface: firewall-cmd

    The manpages will tell you a lot.

    firewall-cmd —add-service=ssh Will open the ports for your ssh daemon until you reload your firewall or reboot your system firewall-cmd —permanent —add-service=ssh Will open the ssh ports until you remove them

    firewall-cmd —list-all Will show you the current firewall config

  • Antivirus recomendations
  • I wouldn’t recommend using anti-virus software. It usually creates a lot more overhead, plus it usually mimics existing solutions already in linux. The only viruses I have ever caught using an anti-virus software on Linux are the test viruses to see if all is working fine.

    Anyway, here’s my 20+ enterprise experience recommendations with Linux :

    • enable secure boot: will disable launching non-signed kernel modules (prevent root kits)
    • enable firewall: and only allow ports you really need.
    • SELinux: it is getting better, and it will prevent processes to access resources out of their scope. It can be problematic if you don’t know it (and it is complex to understand). But if it doesn’t hinder you, don’t touch it. I do not know AppArmor, but it is supposed to be similar.
    • disable root over ssh: or only allow ssh keys, or disable ssh altogether if you do not need it.
    • avoid using root: make sure you have a personal account set up with sudo rights to root WITH password.
    • only use trusted software: package managers like apt and rpm tend to have built in functionality to check the state and status of your installed software. Use trusted software repositories only. Often recommended by the distro maintainers. Stay away from use this script scripts unless you can read them and determine if they’re the real thing.

    Adhering to these principles will get you a long way!

    edit: added section about software sources courtesy of @dragnucs@lemmy.ml

  • Distro for ideapad
  • Welcome to the wonderful Linux world!

    I do not know Gallium, so I have very little to say about that.

    Windows software can be run using Wine. It is a Windows emulator, and there is no guarantee it will work with CSP. Alternatively you could check for alternatives that run natively on Linux (Gallium). Krita? Inkscape?

    Make no mistake, your journey into Linux will be riddled with obstacles, as it is not close to Windows at all. Inform yourself, learn, ask questions. But most of all: have fun!

  • Pathfinder 2e General Discussion @pathfinder.social bushvin @pathfinder.social
    Magical crafting time required

    Hi,

    The other night one of my players used their magical crafting to (successfully) transfer a striking rune from one weapon to another.

    The time it takes is 1 day according to the rules.

    I was wondering if there are any feats to reduce the time required for this?

    0
    bushvin bushvin @pathfinder.social

    Metalhead, self-proclaimed Open Source adept and beard aficionado with a knack for technology.
Notorious lurker. He/Him

    Posts 2
    Comments 20