June 2022 – Friki Linux

Display Only Hidden Files in Linux

Posted on 2022-06-30 by Kernel

Displaying hidden files in Linux is quite easy. You use the ls command in this manner:

ls -a

That’s fine. You can see the hidden files with their names starting with a dot (.).

But you see all the files in the current directory, the hidden ones and the regular ones.

What if you want to ONLY see the hidden files, not the regular ones?

There is no ready-to-use option like -a and -A. However, you can always find a way to achieve things by combining a few commands through the wonderful pipe redirection.

Display only the hidden files and directories

To display only the hidden files and directories, the simplest approach is to show the hidden files with ls -a and then use grep to filter only the entries that start with a . (dot).

ls -a | grep "^."

The ^ means ‘start with’. The dot character needs to be escaped with and since you used special characters, everything is enclosed in double-quotes. With “^.”, you tell grep command to only show results that start with a dot.

Let me share an example. Here’s the content of my sample directory:

abhishek@itsfoss:~/toto$ ls -l
total 352
-rw-rw-r-- 1 abhishek abhishek  45443 May 24 09:03 apt-get.pdf
-rw-rw-r-- 1 abhishek abhishek  29983 May 27 16:07 bash.pdf
-rw-rw-r-- 1 abhishek abhishek 249773 May 26 14:56 cronjob-cheatsheet.png
-rw-rw-r-- 1 abhishek abhishek   4943 Jun  2 20:09 gnome-console-voiceover
-rw-rw-r-- 1 abhishek abhishek  12721 May 29 12:29 members.2022-05-29.csv
-rw-rw-r-- 1 abhishek abhishek    143 May 30 12:06 routes.yaml

Now I am going to filter it out so that it only shows the hidden files and directories:

abhishek@itsfoss:~/toto$ ls -a | grep "^."
.
..
.hidden-file
.hid_dir
.member.csv

It shows the special . (current directory) and .. (parent directory) directories as well. You can filter them out by using the -A option instead of -a.

abhishek@itsfoss:~/toto$ ls -A | grep "^."
.hidden-file
.hid_dir
.member.csv

This is better, right? Here’s a screenshot if you want to see them all together in a single image:

There is still a little problem here. Though you can see them in individual lines, you cannot distinguish if it’s a file or a directory.

If you want that, there is another way to achieve that.

Alternate method

To show just the hidden files and directories in the long listing format (so that you can see if it’s a file or directory), you can use this:

ls -ld .*

It will show the following result for the example here:

drwxrwxr-x  3 abhishek abhishek  4096 Jun 30 10:38 .
drwxr-x--- 28 abhishek abhishek  4096 Jun 29 15:15 ..
-rw-rw-r--  1 abhishek abhishek 41145 May 27 15:24 .hidden-file
drwxrwxr-x  2 abhishek abhishek  4096 Jun 30 10:38 .hid_dir
-rw-rw-r--  1 abhishek abhishek 12721 Jun  3 09:41 .member.csv

How does it work? First, the .* part is shell globbing. It expands right there on the input. So, basically, you can think of it as:

ls -ld . .. .hidden-file .hid_dir .member.csv

The use of option -d is important here. It tells ls to only list the directory, not its contents. Otherwise, the ls command will also show the contents of the .hid_dir.

In case you don’t want to display the . and .. directories, you can use the ls command like this:

ls -ld .!(|.)

Focusing on the .!(|.) part obviously. This is a pattern. ! is negation and | is OR condition. (|.) means nothing or dot. When you negate it with !, you are saying it should not be “nothing” or dot. Combine it all together .!(|.) and you are saying a pattern where . is followed by something (thus single dot is ruled out) except another dot (thus ruling out double dots).

You get the desired result now:

-rw-rw-r-- 1 abhishek abhishek 41145 May 27 15:24 .hidden-file
drwxrwxr-x 2 abhishek abhishek  4096 Jun 30 10:38 .hid_dir
-rw-rw-r-- 1 abhishek abhishek 12721 Jun  3 09:41 .member.csv

Display only hidden files (not hidden directories)

Displaying only hidden files without the hidden directories is quite easy. Use this:

ls -ld .* |grep -v ^d

You are displaying both the hidden files and directories and then filtering out the entries starting with d (which are directories).

abhishek@itsfoss:~/toto$ ls -ld .* 
drwxrwxr-x  3 abhishek abhishek  4096 Jun 30 10:38 .
drwxr-x--- 28 abhishek abhishek  4096 Jun 29 15:15 ..
-rw-rw-r--  1 abhishek abhishek 41145 May 27 15:24 .hidden-file
drwxrwxr-x  2 abhishek abhishek  4096 Jun 30 10:38 .hid_dir
-rw-rw-r--  1 abhishek abhishek 12721 Jun  3 09:41 .member.csv
abhishek@itsfoss:~/toto$ ls -ld .* |grep -v ^d
-rw-rw-r--  1 abhishek abhishek 41145 May 27 15:24 .hidden-file
-rw-rw-r--  1 abhishek abhishek 12721 Jun  3 09:41 .member.csv

Of course, there could be several other possible ways. The find command is always there for such stuff.

If you can think of a different solution, do share it in the comment section.

How to Cut, Copy and Paste Text in Nano editor?

Posted on 2022-06-29 by Kernel

GNU Nano is an editor that has a minimal learning curve and hence is widely used for beginner-level guides.

That doesn’t mean that it is as easy to use for beginners as a graphical text editor. Why? because you still have to rely on the keyboard shortcuts to do the basic things such as save, undo, etc.

How about cut, copy and paste in Nano? Does it require specific keyboard shortcuts too?

Well, yes and no. You can use the mouse to copy-paste. There are also keyboard shortcuts for the same purpose. To cut, you must use shortcuts.

Let me show all this to you in detail.

Copy text in Nano

To copy a piece of text, the text needs to be selected first.

There are two ways to copy the text in Nano:

Use the mouse to select and copy
Use the keyboard to select and copy

Using mouse to select, copy and paste

If you want a quick and dirty selection to copy text, there is no better way than using a mouse to do it.

Below are the steps you can follow:

Click and drag the cursor to select text
Right click and click on “Copy”

Once the text is copied to clipboard, to paste text using mouse, make sure that you have moved the cursor to the location where you want to paste text.

Then, do a right click, and select “Paste” from the context menu that popped up.

This is what you should do to select, copy and paste text using mouse.

Using keyboard to select and copy (for pros)

Using a mouse to copy text is all good, but when you have to select text that extends the page, it gets frustrating. For that, you will need to use a few keyboard shortcuts.

Below are the steps to select and copy text using keyboard:

To select text, press the Ctrl + 6 key combination. You will see “Mark Set” appear at the bottom of the screen as an acknowledgement.
Now, use the arrow keys (keys like Home, End, Page Up and Page Down can also be used) to select/highlight text.
To copy selected text, press Alt + 6 key combination.

You now have the text copied to your clipboard!

Cut text in Nano

The cut operation is very similar to the copy operation, the only difference is that the data is deleted from one location to be moved to another location.

Unfortunately, cutting text cannot be done with the use of a mouse, so let’s go over the steps to follow if you want to cut text.

Select text using the Ctrl + 6 key combination.
Use the arrow keys to highlight the text you want to cut.
To cut the selected text, press Ctrl + K (think of it as Kutting text).

That is all there is to kutting text 😀

💡

If you press Ctrl+K without selecting any text, it cuts the entire current line.

Paste in Nano

Finally, after copying or cutting the text, it won’t be much of a use if you can not paste text.

Thankfully, pasting text in nano is very easy. Follow the steps given below:

Move your cursor to the location where you want to paste text
Press Ctrl + U

💡

Nano shows the keyboard shortcuts at the bottom of the screen all the time. So, even if you forgot it, you can always look at the bottom of the editor for hints or press Ctrl+G for help. If it says ^K for Cut, use Ctrl+K (^ means Ctrl key). Similarly, if it says M-A for Append, use Alt + M (M means Alt key).

Copy-paste between Nano and the system

If you want to copy text from a web browser or other editor into Nano, use the Ctrl+Shift+V to paste the text into Nano.

Similarly, if you want to copy some text from Nano to an external application, use Ctrl+Shift+C to copy the text and then the usual Ctrl+V to paste it.

When you use Ctrl+Shift+C/V keys, the text is copied into the system buffer and hence it can be used outside the Nano editor as well.

If you use the Nano specific keyboard shortcuts such as Ctrl+K etc, the text stays in Nano buffer. It cannot be accessed at the system level and hence you cannot use it outside Nano.

Conclusion

GNU Nano is a simple text editor that is known best for getting the job done without much fuss. This article covered the basics of copying, cutting and pasting text in Nano.

If you are interested in mastering the basics of Nano, try this free course on Nano.

The Link Between AWM Proxy & the Glupteba Botnet

Posted on 2022-06-28 by Kernel

On December 7, 2021, Google announced it was suing two Russian men allegedly responsible for operating the Glupteba botnet, a global malware menace that has infected millions of computers over the past decade. That same day, AWM Proxy — a 14-year-old anonymity service that rents hacked PCs to cybercriminals — suddenly went offline. Security experts had long seen a link between Glupteba and AWM Proxy, but new research shows AWM Proxy’s founder is one of the men being sued by Google.

AWMproxy, the storefront for renting access to infected PCs, circa 2011.

Launched in March 2008, AWM Proxy quickly became the largest service for crooks seeking to route their malicious Web traffic through compromised devices. In 2011, researchers at Kaspersky Lab showed that virtually all of the hacked systems for rent at AWM Proxy had been compromised by TDSS (a.k.a TDL-4 and Alureon), a stealthy “rootkit” that installs deep within infected PCs and loads even before the underlying Windows operating system boots up.

In March 2011, security researchers at ESET found TDSS was being used to deploy Glupteba, another rootkit that steals passwords and other access credentials, disables security software, and tries to compromise other devices on the victim’s network — such as Internet routers and media storage servers — for use in relaying spam or other malicious traffic.

A report from the Polish computer emergency response team (CERT Orange Polksa) found Glupteba was by far the biggest malware threat in 2021.

Like its predecessor TDSS, Glupteba is primarily distributed through “pay-per-install” or PPI networks, and via traffic purchased from traffic distribution systems (TDS). Pay-per-install networks try to match cybercriminals who already have access to large numbers of hacked PCs with other crooks seeking broader distribution of their malware.

In a typical PPI network, clients will submit their malware—a spambot or password-stealing Trojan, for example —to the service, which in turn charges per thousand successful installations, with the price depending on the requested geographic location of the desired victims. One of the most common ways PPI affiliates generate revenue is by secretly bundling the PPI network’s installer with pirated software titles that are widely available for download via the web or from file-sharing networks.

An example of a cracked software download site distributing Glupteba. Image: Google.com.

Over the past decade, both Glupteba and AWM Proxy have grown substantially. When KrebsOnSecurity first covered AWM Proxy in 2011, the service was selling access to roughly 24,000 infected PCs scattered across dozens of countries. Ten years later, AWM Proxy was offering 10 times that number of hacked systems on any given day, and Glupteba had grown to more than one million infected devices worldwide.

There is also ample evidence to suggest that Glupteba may have spawned Meris, a massive botnet of hacked Internet of Things (IoT) devices that surfaced in September 2021 and was responsible for some of the largest and most disruptive distributed denial-of-service (DDoS) attacks the Internet has ever seen.

But on Dec. 7, 2021, Google announced it had taken technical measures to dismantle the Glupteba botnet, and filed a civil lawsuit (PDF) against two Russian men thought to be responsible for operating the vast crime machine. AWM Proxy’s online storefront disappeared that same day.

AWM Proxy quickly alerted its customers that the service had moved to a new domain, with all customer balances, passwords and purchase histories seamlessly ported over to the new home. However, subsequent takedowns targeting AWM Proxy’s domains and other infrastructure have conspired to keep the service on the ropes and frequently switching domains ever since.

Earlier this month, the United States, Germany, the Netherlands and the U.K. dismantled the “RSOCKS” botnet, a competing proxy service that had been in operation since 2014. KrebsOnSecurity has identified the owner of RSOCKS as a 35-year-old from Omsk, Russia who runs the world’s largest forum catering to spammers.

The employees who kept things running for RSOCKS, circa 2016.

Shortly after last week’s story on the RSOCKS founder, I heard from Riley Kilmer, co-founder of Spur.us, a startup that tracks criminal proxy services. Kilmer said RSOCKS was similarly disabled after Google’s combined legal sneak attack and technical takedown targeting Glupteba.

“The RSOCKS website gave you the estimated number of proxies in each of their subscription packages, and that number went down to zero on Dec. 7,” Kilmer said. “It’s not clear if that means the services were operated by the same people, or if they were just using the same sources (i.e., PPI programs) to generate new installations of their malware.”

Kilmer said each time his company tried to determine how many systems RSOCKS had for sale, they found each Internet address being sold by RSOCKS was also present in AWM Proxy’s network. In addition, Kilmer said, the application programming interfaces (APIs) used by both services to keep track of infected systems were virtually identical, once again suggesting strong collaboration.

“One hundred percent of the IPs we got back from RSOCKS we’d already identified in AWM,” Kilmer said. “And the IP port combinations they give you when you access an individual IP were the same as from AWM.”

In 2011, KrebsOnSecurity published an investigation that identified one of the founders of AWM Proxy, but Kilmer’s revelation prompted me to take a fresh look at the origins of this sprawling cybercriminal enterprise to determine if there were additional clues showing more concrete links between RSOCKS, AWM Proxy and Glupteba.

IF YOUR PLAN IS TO RIP OFF GOOGLE…

Supporting Kilmer’s theory that AWM Proxy and RSOCKS may simply be using the same PPI networks to spread, further research shows the RSOCKS owner also had an ownership stake in AD1[.]ru, an extremely popular Russian-language pay-per-install network that has been in operation for at least a decade.

Google took aim at Glupteba in part because its owners were using the botnet to divert and steal vast sums in online advertising revenue. So it’s more than a little ironic that the critical piece of evidence linking all of these operations begins with a Google Analytics code included in the HTML code for the original AWM Proxy back in 2008 (UA-3816536).

That analytics code also was present on a handful of other sites over the years, including the now-defunct Russian domain name registrar Domenadom[.]ru, and the website web-site[.]ru, which curiously was a Russian company operating a global real estate appraisal business called American Appraisal.

Two other domains connected to that Google Analytics code — Russian plastics manufacturers techplast[.]ru and tekhplast.ru — also shared a different Google Analytics code (UA-1838317) with web-site[.]ru and with the domain “starovikov[.]ru.”

The name on the WHOIS registration records for the plastics domains is an “Alexander I. Ukraincki,” whose personal information also is included in the domains tpos[.]ru and alphadisplay[.]ru, both apparently manufacturers of point-of-sale payment terminals in Russia.

Constella Intelligence, a security firm that indexes passwords and other personal information exposed in past data breaches, revealed dozens of variations on email addresses used by Alexander I. Ukraincki over the years. Most of those email addresses start with some variation of “uai@” followed by a domain from one of the many Russian email providers (e.g., yandex.ru, mail.ru). [Full disclosure: Constella is currently an advertiser on this website].

But Constella also shows those different email addresses all relied on a handful of passwords — most commonly “2222den” and “2222DEN.” Both of those passwords have been used almost exclusively in the past decade by the person who registered more than a dozen email addresses with the username “dennstr.”

The dennstr identity leads to several variations on the same name — Denis Strelinikov, or Denis Stranatka, from Ukraine, but those clues ultimately led nowhere promising. And maybe that was the point.

Things began looking brighter after I ran a search in DomainTools for web-site[.]ru’s original WHOIS records, which shows it was assigned in 2005 to a “private person” who used the email address lycefer@gmail.com. A search in Constella on that email address says it was used to register nearly two dozen domains, including starovikov.ru and starovikov[.]com.

A cached copy of the contact page for Starovikov[.]com shows that in 2008 it displayed the personal information for a Dmitry Starovikov, who listed his Skype username as “lycefer.”

Finally, Russian incorporation documents show the company LLC Website (web-site[.]ru)was registered in 2005 to two men, one of whom was named Dmitry Sergeevich Starovikov.

Bringing this full circle, Google says Starovikov is one of the two operators of the Glupteba botnet:

The cover page for Google’s lawsuit against the alleged Glupteba botnet operators.

Mr. Starovikov did not respond to requests for comment. But attorneys for Starovikov and his co-defendant last month filed a response to Google’s complaint in the Southern District of New York, denying (PDF) their clients had any knowledge of the scheme.

Despite all of the disruption caused by Google’s legal and technical meddling, AWM is still around and nearly as healthy as ever, although the service has been branded with a new name and there are dubious claims of new owners. Advertising customer plans ranging from $50 a day to nearly $700 for “VIP access,” AWM Proxy says its malware has been running on approximately 175,000 systems worldwide over the last 24 hours, and that roughly 65,000 of these systems are currently online.

AWM Proxy, as it exists today.

Meanwhile, the administrators of RSOCKS recently alerted customers that the service and any unspent balances will soon be migrated over to a new location.

Many people seem to equate spending time, money and effort to investigate and prosecute cybercriminals with the largely failed war on drugs, meaning there is an endless supply of up-and-coming crooks who will always fill in any gaps in the workforce whenever cybercriminals face justice.

While that may be true for many low-level cyber thieves today, investigations like these show once again how small the cybercriminal underground really is. It also shows how it makes a great deal of sense to focus efforts on targeting and disrupting the relatively small number of established hackers who remain the real force multipliers of cybercrime.

14 Common Mistakes When Using A Graph Maker

Posted on 2022-06-27 by Kernel

Graphs help organize, present, and simplify information. However, there are some common mistakes that people make when using graphs. Here are 14 common mistakes that you should avoid when using a graph maker:

1. Using the wrong graph type

The main types of graphs used for presentation purposes are bar charts, line graphs, pie charts, and pictographs. A bar chart is useful for comparisons over a period of time, while line graphs are best for showing changes in data over time. A pie chart maker can be used for creating pie charts, which are good at illustrating proportions, and pictographs are good for comparing different categories within a specific amount of space.

2. Using too many graph types

It’s okay to use more than one graph type in a presentation, but using too many could make it confusing. Stick to the standard bar chart and line graphs for most presentations.

3. Label axes inconsistently

Whether you’re working with a bar chart, line graph, or any other kind of graph, your axes need to have the same labels every time you create a new graph. Consistency is key when it comes to graphs.

4. Using a graph with too many series of data

A graph can contain up to five different series of data if they are all part of the same set, but there should not be any more series than that. More than five series will make your graph confusing and difficult to read.

5. Placing graph titles in odd places

Graph titles are meant to go at the top of your axis, not below, next to, or superimposed over your data plot. If you’re using a bar graph with two plots per page, place the graph title above the plot on the left side. If you’re using a line graph without labels, don’t place your graph title above the plot.

6. Compressing or expanding axis scales to fit data trends

When working with a graphed data set, you need to use an axis scale that accurately reflects the difference between your smallest and largest data sets. If you compress or expand your axis scales too much, it will make trends in your data hard to identify.

7. Using too many or too few tick marks on the axis scale

The standard number of tick marks for axes is five, but you can add more if your graph contains less than 100 data points and remove some of your graphs containing more than 100 data sets. Try to stick to no fewer than four and no more than six tick marks.

8. Failing to explain legends and labels

This is a common mistake, especially when using a bar graph maker or a line graph maker. For bar charts and line graphs, you need to include a legend or label with the names of each data series so that people know what each color represents. If you’re using pictographs, make sure the images stand out from one another well enough for people to tell them apart.

9. Failing to explain the data plot on the graph creator

Make sure you explain what your line graph or bar chart represents so people can easily understand the difference between the categories represented by the axis labels, tick marks, and other parts of your graph’s data plot. If you’re using pictographs, they must be self-explanatory.

10. Failing to explain the axis scale, tick marks, and legend

It’s not enough that you include a graph title that explains what your line graph or bar chart represents; you also need to go into more detail about each of these components for people to look at your graph properly. Make sure all your legends and labels are explained in the legend if you use them.

11. Using graph components inconsistently

If your bar graph contains two plots per page, make sure the labels on the left side of each plot are always horizontal when they appear in sequence or vertical when they appear back to back on a single page. If the same components move from one page to the next, you need to indicate this in the legend.

12. Making axis scales too large or small for your graph’s data

Don’t try to squeeze more than five series of data into a graph that already has four or fewer tick marks on its axis. Don’t fill an entire page with one bar chart if the height of one bar doesn’t even begin to register on the axis scale.

13. Failing to provide a trend line

If you’re creating a time-based or comparative graph, it needs to include a trend line that shows what happened during each data set and how these differences compare to one another to make line graphs effective.

14. Making your graph too small or too large

Your graph should fit nicely on a single page and be just big enough for people who are one to three feet away from it to recognize the messages without any trouble. If you’re using pictographs, they should cover about half of a 5×7-inch index card or smaller. If your graph contains more than 100 data points, you want to make it big enough for people who are five or six feet away from it to read the message.

Bottomline

You need to be very careful when using a graph maker because these mistakes are easy to make. Make sure you double-check your graphs whenever possible to avoid making any of these common errors.

Self-host a Ghost Blog With Traefik

Posted on 2022-06-27 by Kernel

Ghost is a very popular open-source content management system. Started as an alternative to WordPress and it went on to become an alternative to Substack by focusing on membership and newsletter.

The creators of Ghost offer managed Pro hosting but it may not fit everyone’s budget.

Alternatively, you can self-host it on your own cloud servers. On Linux handbook, we already have a guide on deploying Ghost with Docker in a reverse proxy setup.

Instead of Ngnix reverse proxy, you can also use another software called Traefik with Docker. It is a popular open-source cloud-native application proxy, API Gateway, Edge-router, and more.

I use Traefik to secure my websites using an SSL certificate obtained from Let’s Encrypt. Once deployed, Traefik can automatically manage your certificates and their renewals.

In this tutorial, I’ll share the necessary steps for deploying a Ghost blog with Docker and Traefik.

Here’s what you need for this tutorial:

A domain and access to its DNS settings
A cloud server like the ones from DigitalOcean or Linode
Decent knowledge of Linux command line
Decent knowledge of Docker

With that aside, let’s see how to go about it.

Step 1. Get a domain (if you don’t have one)

I always recommend deploying tools on real domains even if it is for test purposes.

Domains are not expensive these days. You can find some good, inexpensive domains at NameCheap.

For test purposes, you can get any domain that is available at the cheapest price. Usually, domains with obscure TLDs like .club are very cheap. Instead of renewing the next year, you can buy another one at a cheap price.

If it is for a real, public-facing website, go for a domain that is suitable for your branding. I always prefer .com domains over any other TLD.

For the production website, I recommend using Cloudflare for a faster website. You can use it for free. Here’s how to set up your DNS with Cloudflare.

2. Setting up your Cloud Instance

I use DigitalOcean to host my website – Narasimman Tech. It is easy and cheap to set up. If you are a new user, DigitalOcean gives you a $100 credit, valid for 60 days of server usage.

If you are in doubt, refer to our list of free cloud servers. You can get some free credits for trying out a new service.

I let you create a new server on your preferred cloud service.

3. Setting up Docker and Docker Swarm

I believe that you can figure out how to use SSH to connect to the remote servers.

ssh root@<IP address of the Droplet>

Once you are logged in to your server, you need to get Docker configured. Since the installation of Docker is different for different distributions, I am not going to cover it. If you need help, here’s a tutorial for Ubuntu.

We will be running our services in a Docker Swarm Environment. To start a Docker Swarm Environment run,

docker swarm init

This creates a new Swarm Environment and this becomes your manager node. You can add a new Droplet as a worker node, to scale up your services, but that’s beyond the scope of this tutorial.

4. Creating Required Configuration Files and Directories

Create a folder called my website or anything you want and change the directory to the newly-created directory.

mkdir website

cd website

You have to create a couple of files and directories to store Traefik configuration files and your SSL keys:

Create a new directory called ‘data’ and change the directory into it.

mkdir data

cd data

Inside this directory, create two new files called traefik.yml and acme.json change the permission of acme.json to 600.

touch traefik.yml acme.json

chmod 600 acme.json

Open the file using any editor.

nano traefik.yml

Paste the following code in the traefik.yml file.

api:
  dashboard: true
  debug: true
serversTransport:
  insecureSkipVerify: true
entryPoints:
  web:
    address: :80
    http:
      redirections:
        entryPoint:
          to: websecure

  websecure:
    address: :443
    http:
      middlewares:
        - secureHeaders@file
        - nofloc@file
      tls:
        certResolver: letsencrypt
        domains:
          - main: yourdomain.com
            sans:
              - "*.yourdomain.com"

pilot:
  dashboard: false

providers:
  docker:
    swarmMode: true
    endpoint: "unix:///var/run/docker.sock"
    exposedByDefault: false
  file:
    filename: /configurations/dynamic.yml

certificatesResolvers:
  letsencrypt:
    acme:
            #caServer: https://acme-staging-v02.api.letsencrypt.org/directory
      email: youemail@email.com
      storage: acme.json
      keyType: EC384
      dnsChallenge:
        provider: cloudflare
        resolvers:
          - "1.1.1.1:53"
          - "1.0.0.1:53"

You have to change a few variables:

Change yourdomain.com to the domain you own.

          - main: yourdomain.com
            sans:
              - "*.yourdomain.com"

Create a new directory called configurations and change the directory into it. Inside this directory, create a new file called ‘dynamic.yml’ and copy-paste the following lines.

mkdir configurations

cd configurations

touch dynamic.yml

nano dynamic.yml

# Dynamic configuration
http:
  middlewares:
    nofloc:
      headers:
        customResponseHeaders:
          Permissions-Policy: "interest-cohort=()"
    secureHeaders:
      headers:
        sslRedirect: true
        forceSTSHeader: true
        stsIncludeSubdomains: true
        stsPreload: true
        stsSeconds: 31536000

    # UserName : admin
	# Password : qwer
    user-auth:
      basicAuth:
        users:
          - "admin:$apr1$tm53ra6x$FntXd6jcvxYM/YH0P2hcc1"

tls:
  options:
    default:
      cipherSuites:
        - TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384
        - TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
        - TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256
        - TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
        - TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305
        - TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305
      minVersion: VersionTLS12

📃

The default username is ’admin’ and the password is ‘qwer’

5. Setting up Traefik and Ghost

Now go back to our main directory, i.e., the ‘website’ directory in my case, which you created at first.

cd ~/website

Now create a file called docker-compose.yml for editing.

nano docker-compose.yml

Paste the following:

# Traefik, Ghost, and MySQL
version: '3.3'

services:
  traefik:
    image: traefik:latest
    networks:
      - traefik
    ports:
      - 80:80
      - 443:443
    volumes:
      - /etc/localtime:/etc/localtime:ro
      - /var/run/docker.sock:/var/run/docker.sock:ro
      - ./data/traefik.yml:/traefik.yml:ro
      - ./data/configurations:/configurations
    environment:
	  - CF_API_EMAIL=
	  - CF_DNS_API_TOKEN=
    deploy:
      mode: replicated
      replicas: 1
      placement:
        constraints: [node.role == manager]
      labels:
      - "traefik.enable=true"
      - "traefik.docker.network=traefik"
      - "traefik.http.routers.traefik-secure.entrypoints=websecure"
      - "traefik.http.routers.traefik-secure.rule=Host(`traefik.yourdomain.com`)"
      - "traefik.http.routers.traefik-secure.service=api@internal"
      - "traefik.http.services.traefik-secure.loadbalancer.server.port=8080"

  ghost:
    image: ghost:4-alpine
    depends_on:
      - mysql
      - traefik
    networks:
      - traefik
      - backend
    volumes:
      - ghost_data:/var/lib/ghost
    environment:
      # see https://ghost.org/docs/config/#configuration-options
      database__client: mysql
      database__connection__host: mysql
      database__connection__user: root
      database__connection__password: secretpassword
      database__connection__database: ghost
      # this url value is just an example, and is likely wrong for your environment!
      url: https://yourdomain.com
      # contrary to the default mentioned in the linked documentation, this image defaults to NODE_ENV=production (so development mode needs to be explicitly specified if desired)
      #NODE_ENV: development
    deploy:
      mode: replicated
      replicas: 1
      placement:
        constraints: [node.role == manager]
      labels:
        - "traefik.enable=true"
        - "traefik.docker.network=traefik"
        - "traefik.http.routers.ghost-secure.entrypoints=websecure"
        - "traefik.http.routers.ghost-secure.rule=Host(`yourdomain.com`)"
        - "traefik.http.routers.ghost-secure.service=ghost"
        - "traefik.http.services.ghost.loadbalancer.server.port=2368"

  mysql:
    image: mysql:8.0
    command: --default-authentication-plugin=mysql_native_password
    environment:
      MYSQL_ROOT_PASSWORD: secretpassword
    networks:
      - backend
    volumes:
      - sql_data:/var/lib/mysql
    deploy:
      placement:
        constraints: [node.role == manager]

networks:
  traefik:
    external: true
  backend:
    external: true

volumes:
  ghost_data:
    external: true
  sql_data:
    external: true

Remember to set the environment variables. If you don’t know how to get your Cloudflare account’s API Email and DNS API Token, read this article from Cloudflare.

    environment:
	  - CF_API_EMAIL=
	  - CF_DNS_API_TOKEN=

Don’t close the file yet. You have to change a few parameters here.

Replace ‘traefik.yourdomain.com; with a subdomain.

- "traefik.http.routers.traefik-secure.rule=Host(`traefik.yourdomain.com`)"

Replace ‘secretpassword’ with a new password.

database__connection__password: secretpassword

Replace ‘https://yourdomain.com‘ with your URL.

url: https://yourdomain.com

Replace ‘yourdomain.com’ with a subdomain, or use the full domain.

- "traefik.http.routers.ghost-secure.rule=Host(`yourdomain.com`)"

Finally, replace ‘secretpassword’ with the password you set above on point two.

MYSQL_ROOT_PASSWORD: secretpassword

6. Creating and Starting The Services

Now everything is in place! Check your files if everything is in place and the variables are modified to your requirements.

Your file structure should be like this:

Now from this directory, run the command. You can change ‘site’ to anything you want.

docker stack deploy -c docker-compose.yml site

This takes a couple of a while to download the docker images and to get the SSL keys.

To list out the running services, run:

docker service ls

This lists the running services. If the REPLICAS are 0/1 wait for a few minutes, it might be preparing.

To check the status of individual services, run:

docker service ps <service name>

Replace <service name> with site, site_ghost or site_traefik or site_mysql.

To view the logs of individual services, run:

docker service logs -f <service name>

Hurray!! Now your site must be up and running. Visit the URLs you provided above for Traefik and Ghost. Follow me on Twitter – @narasimman_tech

The 7 VR Games That Will Knock Your Socks Off

Posted on 2022-06-24 by Kernel

With virtual reality games being so immersive, it’s no surprise that more and more people find playing them super fun. Nowadays, players can enjoy a variety of VR titles from the comfort of their homes! But what are the seven most popular VR games that have gamers exploring virtual worlds for hours at a time?

Seven Fantastic VR Video Games That Everybody Is Talking About

Not many game genres can offer a gaming experience as powerful and fantastic as VR games can. With the right headset, you can spend hours flying, building, and doing all sorts of cool activities in captivating, virtual worlds! If you’d like to play a great VR game, go through our list of the seven best VR games and choose your favorite one!

Astro Bot Rescue Mission

Astro Bot Rescue Mission is a great platformer that lets you control Astro, a cute-looking robot on a rescue mission. The sweet character needs to find and save his mechanical friends who are scattered in space.

From cool bosses and platforming conundrums to many bonus challenges, the game offers awesome content to entertain its players. It’s a nice choice for gamers who are just starting to dip their toes into the VR realm.

Blade and Sorcery

When playing Blade and Sorcery, your swings feel heftier but not too realistic. The game will bedazzle you with its design elements – you can use telekinesis to summon weapons, use your hands to shoot lightning, and more!

This is a fantastic action game for those who want to have magic powers for a few hours a day. There’s a great selection of weapons, so get ready for the most incredible battles ever!

Elite: Dangerous

If you’re a fan of flying games, you’ll quickly fall in love with Elite: Dangerous. This game will let you fly a spaceship, collect bounties, and even mine asteroids! How cool of a space journey is that?

However, there’s a learning curve with some of the ship functions, so don’t expect to pilot like a pro right from the start. On the positive side, if you don’t like easy games, the complexity of this one will give you an extra thrill.

Everybody’s Golf VR

Sports fans find Everybody’s Golf VR to be their favorite game, especially when they want to relax on a virtual golf course. The game features incredible finesse and control, whether you compete or practice your shots.

If going to a real course seems a bit too much after a long day at work, this is the game for you! There’s no multiplayer mode, but you can golf as much as you want all by yourself!

Ghost Giant

Puzzle fans across the world are head over heels for Ghost Giant! The title character, which you play, needs to solve puzzles and alter the game world to help a cat named Louis.

Ghost Giant has an attractive, cartoon-like design, with a point-and-click adventure feel to it that players of all ages can enjoy. If you’re into simple VR games that let you use your intelligence and soft side to help characters, this game won’t disappoint you.

Half-Life: Alyx

Half-Life: Alyx is a game released by Valve. Its events take place sometime after Half-Life and before Half-Life 2. In this game, you play as Alyx Vance, who needs to research the weaknesses of enemy Combine forces.

Fans of sci-fi games and those who enjoy captivating storytelling, top-notch graphics, and great physics mechanics will like Half-Life: Alyx. This action game will be quenching your thirst for game combat while you wait for Half-Life 3 to come out!

For the Ultimate Gaming Experience, Get a Proxy!

Getting a proxy for gaming might initially sound counterintuitive, but it’s super beneficial. With a proxy server, you can play geo-targeted games, reduce lag spikes, access sites and gaming platforms you’re blocked on, and more! Therefore, we highly recommend you read more about proxies before purchasing a VR game to immerse yourself in your favorite universe the right way. Happy gaming!

Search for Available Linux Commands With apropos

Posted on 2022-06-23 by Kernel

So you used a certain command but cannot remember its exact name anymore?

You can use the ctrl+r keyboard shortcut in the terminal and reverse search through the shell history.

This could work if you had used the command on the same system. But what if you used it on some other Linux system or just came across it in some forum or website?

The good thing here is that there is a dedicated Linux command that lets you search with a string in the available commands on your system.

Search for Linux commands with apropos

The apropos command lets you search for a keyword in the man page name and description.

This should be sufficient in many cases to help you find the command you are looking for.

Using the apropos command is simple:

apropos [options] keyword

Here’s an example. Let’s say that you are looking for a command that has something to do with the CPU. You use the apropos command with CPU keyword:

apropos cpu

And it gives you all the commands that have CPU in its name or in the short description of its man page.

root@learnubuntu:~# apropos cpu
chcpu (8)            - configure CPUs
cpuid (4)            - x86 CPUID access device
cpuset (7)           - confine processes to processor and memory node subsets
lscpu (1)            - display information about the CPU architecture
msr (4)              - x86 CPU MSR access device
sched (7)            - overview of CPU scheduling
taskset (1)          - set or retrieve a process's CPU affinity

By default, the search is case insensitive and the keyword could be a regular expression. This is why you see lots of matches like CPUs, CPUID, etc.

If you want an exact match, you can use the option -e:

root@learnubuntu:~# apropos -e cpu
lscpu (1)            - display information about the CPU architecture
msr (4)              - x86 CPU MSR access device
sched (7)            - overview of CPU scheduling
taskset (1)          - set or retrieve a process's CPU affinity

Multiple keywords

If you provide more than one keyword, apropos returns all the entries that match at least one of the given keywords.

As you can see in the below example, there are 307 entries matching either network or pro.

root@learnubuntu:~# apropos network pro | wc -l
307

If your searched term contains more than one word, you can use quotes around them to search for the entire keywords with spaces.

root@learnubuntu:~# apropos "network pro"
mtr-packet (8)       - send and receive network probes

The above example requires you to have all the keywords together. You can use the -a option and have entries matching all the keywords in any order.

root@learnubuntu:~# apropos -a network pro
ip-netns (8)         - process network namespace management
mtr-packet (8)       - send and receive network probes

Search only for the user or system commands

You’ll often find that the apropos command returns a huge output and not all of them are commands.

It’s because it searches in all the sections of the entire man pages.

If you are familiar with man pages, you would know that section 1 has user commands and section 8 has system commands. Here’s a quick recall:

Section	Description
1	User Commands
2	System Calls
3	C Library Functions
4	Devices and Special Files
5	File Formats and Conventions
6	Games etc
7	Miscellanea
8	System Administration tools and Daemons

So, when you searched for CPU it showed results from all the sections. Notice the number after each ‘command’.

root@learnubuntu:~# apropos cpu
chcpu (8)            - configure CPUs
cpuid (4)            - x86 CPUID access device
cpuset (7)           - confine processes to processor and memory node subsets
lscpu (1)            - display information about the CPU architecture
msr (4)              - x86 CPU MSR access device
sched (7)            - overview of CPU scheduling
taskset (1)          - set or retrieve a process's CPU affinity

You can refine the search and list entries only from the specific sections:

root@learnubuntu:~# apropos -s 1,8 cpu
chcpu (8)            - configure CPUs
lscpu (1)            - display information about the CPU architecture
taskset (1)          - set or retrieve a process's CPU affinity

💡

The man -k command will display the same result as the apropos command.

There are ways to get help in the Linux command line. The apropos command is one of them and surprisingly not many people are aware of it.

I hope you learned something new from this article. Stay tuned for more.

Linux Lite 6.0 Based on Ubuntu 22.04 LTS Released

Posted on 2022-06-22 by Kernel

Linux Lite 6.0 Based on Ubuntu 22.04 LTS Released

The latest version of Linux Lite 6.0 which is based on Ubuntu 22.04 LTS is now available for download. Linux Lite 6.0 is powered by Linux kernel 5.15, and you will find the Xfce 4.16 desktop environment. Google Chrome is now the default web browser in Linux Lite 6.0.

Minimum Recommended Specs For Linux Lite 6.0:
1Ghz processor
768MB ram
8GB HDD/SD
VGA screen capable of 1024×768 resolution
DVD drive or USB port for the ISO image

Preferred Specs For Linux Lite 6.0:
1.5GHz processor+
1024MB ram+
20GB HDD/SSD+
VGA, DVI, or HDMI screen is capable of 1366×768 resolution+
DVD drive or USB port for the ISO image

Linux Lite 6.0 Based on Ubuntu 22.04 LTS Released

Some of the changes and the features that you can find on Linx Lite 6.0:

Material is the new window theme.
You can find Orca which is a free and open-source, flexible, extensible screen reader from the Gnome project.
Kernel: 5.15.0-33 ( custom kernels also available via our Repository for versions 3.13 – 5.18 )
Chrome: 102.0
Thunderbird: 91.9.1
LibreOffice: 7.2.7.2
VLC: 3.0.16
Gimp: 2.10.30
Base: 22.04

Download Linux Lite 6.0 ISO From Here

Meet the Administrators of the RSOCKS Proxy Botnet

Posted on 2022-06-22 by Kernel

Authorities in the United States, Germany, the Netherlands and the U.K. last week said they dismantled the “RSOCKS” botnet, a collection of millions of hacked devices that were sold as “proxies” to cybercriminals looking for ways to route their malicious traffic through someone else’s computer. While the coordinated action did not name the Russian hackers allegedly behind RSOCKS, KrebsOnSecurity has identified its owner as a 35-year-old Russian man living abroad who also runs the world’s top spam forum.

The RUSdot mailer, the email spamming tool made and sold by the administrator of RSOCKS.

According to a statement by the U.S. Department of Justice, RSOCKS offered clients access to IP addresses assigned to devices that had been hacked:

“A cybercriminal who wanted to utilize the RSOCKS platform could use a web browser to navigate to a web-based ‘storefront’ (i.e., a public web site that allows users to purchase access to the botnet), which allowed the customer to pay to rent access to a pool of proxies for a specified daily, weekly, or monthly time period. The cost for access to a pool of RSOCKS proxies ranged from $30 per day for access to 2,000 proxies to $200 per day for access to 90,000 proxies.”

The DOJ’s statement doesn’t mention that RSOCKS has been in operation since 2014, when access to the web store for the botnet was first advertised on multiple Russian-language cybercrime forums.

The user “RSOCKS” on the Russian crime forum Verified changed his name to RSOCKS from a previous handle: “Stanx,” whose very first sales thread on Verified in 2016 quickly ran afoul of the forum’s rules and prompted a public chastisement by the forum’s administrator.

Verified was hacked twice in the past few years, and each time the private messages of all users on the forum were leaked. Those messages show that after being warned of his forum infraction, Stanx sent a private message to the Verified administrator detailing his cybercriminal bona fides.

“I am the owner of the RUSdot forum (former Spamdot),” Stanx wrote in Sept. 2016. “In spam topics, people know me as a reliable person.”

A Google-translated version of the Rusdot spam forum.

RUSdot is the successor forum to Spamdot, a far more secretive and restricted forum where most of the world’s top spammers, virus writers and cybercriminals collaborated for years before the community’s implosion in 2010. Even today, the RUSdot Mailer is advertised for sale at the top of the RUSdot community forum.

Stanx said he was a longtime member of several major forums, including the Russian hacker forum Antichat (since 2005), and the Russian crime forum Exploit (since April 2013). In an early post to Antichat in January 2005, Stanx disclosed that he is from Omsk, a large city in the Siberian region of Russia.

According to the cyber intelligence firm Intel 471, the user Stanx indeed registered on Exploit in 2013, using the email address stanx@rusdot.com, and the ICQ number 399611. A search in Google for that ICQ number turns up a cached version of a Vkontakte profile for a Denis “Neo” Kloster, from Omsk, Russia.

Cybersecurity firm Constella Intelligence shows that in 2017, someone using the email address istanx@gmail.com registered at the Russian freelancer job site fl.ru with the profile name of “Denis Kloster” and the Omsk phone number of 79136334444. Another record indexed by Constella suggests Denis’s real surname may in fact be “Emilyantsev” [Емельянцев].

That phone number is tied to the WHOIS registration records for multiple domain names over the years, including proxy[.]info, allproxy[.]info, kloster.pro and deniskloster.com.

A copy of the passport for Denis Kloster, as posted to his Vkontakte page in 2019. It shows that in Oct. 2019, he obtained a visa from the American Embassy in Bangkok, Thailand.

The “about me” section of DenisKloster.com says the 35-year-old was born in Omsk, that he got his first computer at age 12, and graduated from high school at 16. Kloster says he’s worked in many large companies in Omsk as a system administrator, web developer and photographer.

According to Kloster’s blog, his first real job was running an “online advertising” firm he founded called Internet Advertising Omsk (“riOmsk“), and that he even lived in New York City for a while.

“Something new was required and I decided to leave Omsk and try to live in the States,” Kloster wrote in 2013. “I opened an American visa for myself, it was not difficult to get. And so I moved to live in New York, the largest city in the world, in a country where all wishes come true. But even this was not enough for me, and since then I began to travel the world.”

The current version of the About Me page on Kloster’s site says he closed his advertising business in 2013 to travel the world and focus on his new company: One that provides security and anonymity services to customers around the world. Kloster’s vanity website and LinkedIn page both list him as CEO of a company called “SL MobPartners.”

In 2016, Deniskloster.com featured a post celebrating three years in operation. The anniversary post said Kloster’s anonymity business had grown to nearly two dozen employees, most of whom were included in a group photo posted to that article (and some of whom Kloster thanked by their first names and last initials).

The employees who kept things running for RSOCKS, circa 2016.

“Thanks to you, we are now developing in the field of information security and anonymity!,” the post enthuses. “We make products that are used by thousands of people around the world, and this is very cool! And this is just the beginning!!! We don’t just work together and we’re not just friends, we’re Family.”

Mr. Kloster did not respond to repeated requests for comment.

It’s not clear if the coordinated takedown targeting the RSOCKS botnet will be permanent, as the botnet’s owners could simply rebuild — and possibly rebrand — their crime machine. Based on the RSOCKS owner’s posts, that is exactly what they intend to do.

“RSocks ceases to exist,” wrote the Rsocks account on the BlackHatWorld forum on June 17. “But don’t worry. All the active plans and fund balances will be transferred to another service. Stay tuned. We will inform you about its name and all the details later.”

Rsocks told the BlackHatWorld community they would be back soon under a new name.

Malware-based proxy services like RSOCKS have struggled to remain competitive in a cybercrime market with increasingly sophisticated proxy services that offer many additional features. The demise of RSOCKS follows closely on the heels of VIP72[.]com, a competing proxy botnet service that operated for a decade before its owners pulled the plug on the service last year.

Here are Some Useful Steps That Will Help You Choose the Right Trading Platform

Posted on 2022-06-21 by Kernel

Trading has become popular among investors for a variety of reasons. It can be a great way to make money and grow your investment portfolio. But, to be successful at trading, there are so many different things that you need to take into account. One of the most important things is choosing the right trading platform.

When it comes to trading platforms, there are a lot of different options you can choose from. Each one has its own set of features and benefits, which can make it difficult to decide which one is right for you. In this article, we will provide you with a few useful steps that will help you make the right decision when it comes to choosing a trading platform. So without further ado, let’s get started!

Do a Good Research

The first thing you need to do is to research the different trading platforms available. You can start by reading reviews from other investors or checking out comparison articles. This will give you a good idea of what each platform has to offer and whether or not it would be a good fit for your needs. Just remember that not all reviews are created equal. Some might be biased, so you need to take them with a grain of salt.

If you are new to trading, then you might want to look for a platform that is easy to use and has a lot of user-friendly features. By following the info available in this eToro review, you can see that it is a great option for beginners as it has an intuitive interface and plenty of helpful features. However, if you are more experienced, and want to have more control over your trades, then you might want to opt for a platform that offers more advanced features like stop-loss orders or limit orders.

Consider the Fees

Another important thing to take into account is the fees charged by the platform. Some platforms might charge you a commission for each trade, while others might have a monthly subscription fee. Some offer free trading, but they might make money from other sources like advertising or by charging higher fees for withdrawal or deposits. You must consider all of these factors when making your decision so that you can choose a platform that is affordable for you.

In addition to the fees, you should also check the payment options offered by the platform. Some might only accept bank transfers, while others might also support credit cards and e-wallets. It’s important to choose a platform that offers a payment method that is convenient for you.

Check the Security Measures

When you are dealing with money, security is always a top priority. When it comes to trading platforms, you need to make sure that your personal and financial information is well-protected. The platform should have implemented adequate security measures, such as encryption, to safeguard your information. You should also check if the platform is registered and regulated by a reputable authority. This will give you peace of mind knowing that your money is in good hands.

And if possible, you should also check if the platform offers two-factor authentication. This is an extra layer of security that can help protect your account from hackers.

Check the Customer Support

Even the best trading platforms can have occasional technical issues. When this happens, you need to be able to get in touch with customer support so that the issue can be resolved quickly. The platform should offer multiple channels of communication, such as email, phone, and live chat. And they should also have a good reputation for responding to customer inquiries promptly.

If you are new to trading, you might want to look for a platform that offers educational resources. This can come in handy if you need some help understanding how the platform works or if you want to learn more about trading in general.

Try Out the Platform

Once you have narrowed down your options, the next step is to try out the platform. Most trading platforms offer a demo account that you can use to test out the features and get a feel for how the platform works. This is a great way to see if the platform is user-friendly and if it has all the features that you need.

Many trading platforms also have mobile apps that you can use to trade on the go. This is a great feature to have as it allows you to respond to market changes quickly and easily. And most importantly, you should feel comfortable using the platform. If you don’t, then it’s probably not the right one for you.

Trading platforms can be a complex and daunting task, especially if you are new to the world of investing. It is therefore important to consider your overall experience. By taking into account things like the user interface, the fees, the payment options, and customer support, you can be sure to find a platform that is right for you.