Fedora Project Insider

User who follows Life: Infinity, Freedom and Voice.

Article by Peter Czanik, from Fedora Community Hungary.

Source page: https://czanik.blogs.balabit.com/2012/11/security-spin-preview-as-syslog-ng-3-3-7-is-part-of-the-upcoming-fedora-18/

The beta of Fedora 18 was supposed to be released earlier… sadly it was postponed again by two weeks, but as there are some great news regarding Fedora and syslog-ng, so I did not wait for the official release. I rather downloaded a nightly build to check it out. I did not research why the release was postponed, but personally I ran only some minor cosmetic problem during installation

As I tested in a virtual machine, the regular Fedora release was not really optimal for me, as it uses Gnome3 and needs 3D acceleration. As I don’t have 3D support, don’t like Gnome3 and I’m interested in security anyway, I downloaded the so called “security spin”. This raises two questions for those not familiar with Fedora, for which I quote the security spin website:

What is a spin? “Fedora Spins are alternate version of Fedora, tailored for various types of users via hand-picked application sets and other customizations.”

What is the security spin? “The Fedora Security Lab provides a safe test environment to work on security auditing, forensics, system rescue and teaching security testing methodologies in universities and other organizations.”

Luckily for me, the security spin is equipped with LXDE, which is a light weight Desktop Environment. It does not need 3D or much system resources and it runs very fast. All of the tools are collected under the “Security Lab” menu, which is further divided based on point of interest, ranging from code analysis to wireless network security. Some of these are graphical tools, many of them console based, but even these are easily available from the menus and a console window is started for them. Most of my favorite tools are available: nmap for port scanning, nwipe for securely wiping partitions, iptraf & co for looking at network traffic and many more.

The current look and feel of the security spin is now quite boring. Just a simple blue background with some stripes on it. But it will be changed in the next few weeks, as one of the guys from the Hungarian Fedora team (which invited me to FUDcon Paris) did a very nice new artwork. It will be worth to try the security spin just for this

Now back to the reason why I originally downloaded the Fedora installer: syslog-ng. The good news is that syslog-ng 3.3.7 is now part of the release. I installed it and gave it a quick try and everything worked as expected. A big thanks goes to JPO (José Pedro Oliveira) and Mrunge (Matthias Runge), who maintain the package inside Fedora!

This story might also become part of my FOSDEM presentation next February about upstream – downstream relations: syslog-ng 3.3 used a forked version of the ivykis library instead of upstream. The syslog-ng package could not be updated to 3.3.X in Fedora until this problem was resolved and upstream ivykis worked instead of the bundled forked version. This needed a lot of work both on the syslog-ng and the ivykis side, but version 3.3.6 solved this problem and 3.3.7 entered Fedora last week.

If you want to see why to upgrade to this latest version, see the announcement blog at http://bazsi.blogs.balabit.com/2011/10/syslog-ng-3-3-1-released/

Looking forward to the next Fedora release – in my opinion will be awesome.

I think it’s time to renew and breath new life into our Freemedia Project, and this can be an good opportunity to help out our users, who are unavailable to obtain one of our media. Here at Hungary there are some people also, who has only a limited bandwith mobile access for the internet, so I have decided to help out FrancisoD – and made the hungarian version of the Freemedia Mailer template, and offered the testing if necessary….

Oh, you don’t know what is the Freemedia mailer template? Well, basically this is nothing more than an software and an printable envelope, that could protect an disc, and you are able to send with it (y)our media without any further packaging. The software [1] is targeted to fill out the template with your FAS data automagically (yes, similarly as our business card applet), and finishes with an ready to print template. FranciscoD has already made huge steps ahead with the software that creates this template [2], and the initial form looks awesome (that also proofs that we have awesome designers, thx design team!). Btw – I printed out samples, and it fits amazingly – even with sleeve. Take a look over here:

After I’m an translator – I would like to take the task to get more translation for this template, and merge it – it really everybody deserves to have one Fedora disc nearby – and the ambassadors will get one more tool to support our users out there. There are not much to translate, and takes only 10 minutes, but it makes already easier to make versatile tests, and support more of our users. So, if you want to support us – please look for me, and I will return to you the text parts that need to be translated.

[1] http://ankursinha.fedorapeople.org/fedora-freemedia-tool/

[2] http://ankursinha.fedorapeople.org/fedora-freemedia-tool/fedora-freemedia-tool-0.2-1.fc16.x86_64.rpm

After many problems, pain, blood and tears the hungarian community site for our small (but growing) community has settled – and it has built an baby website where we believe that our community will find their home. First steps are really hard, because we have to find more of our balance, and more people who could actively participate – contribute… I don’t know how the other communities has begun their first steps in Fedorian FOSS world, it would be nice to hear once of their success stories. Yeah, we would like to hear every story, and perhaps we could avoid the same or the similar mistakes – as others done.

I think this just an small gnome footstep, what we leave here on the net – but we want an better world, and an better community that adds new elements to our 4F principles. We have high hopes before of our community, and our site – as we talked about at our very first fedora round table meeting, and we feel that we’ll succeed. New events, contacts with many many people, teachers, schools, and more….. oh, and an small message to other small communities: we are ready to work together, if you need us – we will be there. Would be awesome to hold an event at Moscow, at Poland, or Bucharest – so if you are interested – contact me – and let’s plan and get ready to be done. Seriously. Tell us.

We know that not everything is perfect, even at our site – so – please, if you have advices, or wishes we gladly greet everyone at our IRC channel at Freenode #fedora-hu channel and there you could keep the contact.

I also would like to say again thank you to everyone who supporting us, specially to our board, to Jörg Simon, and to our admin who has created this drupal site namely Peter Borsa (FAS: Asrob), also to our ambassadors, who working hardly to keep the community together.

The current website adress is:

http://sysadmin.vinfo.hu/

Dear Fedorians!

The Insight team is looking for help, aid, we would like to grab more people for the development of the project called Fedora Insight[1].
But what is that Insight? Those who don’t know this project here is an short description:

Fedora Insight is a Drupal-based website that serves as a place to publish and share news, articles related to Fedora and Fedora marketing materials in various formats. Insight makes it easy for users, developers, and journalists — people who aren’t yet a part of the Fedora contributor community — to keep up with recent highlights without following a dozen different blogs and mailing lists.

We believe you can help us in Insight development. Currently we are looking for the following people:

1. Theme creator

Knows the combination of HTML, CSS and a little bit of PHP. To this you need only some Drupal theme docs [2][3] and you could successfully contribute, to be available an Drupal 7 theme for Insight. If you are interested, you’ll find our wiki [3] how can you make contact with us, and where you could find the Drupal theme (sample) files.

2. PHP (+Drupal) developer

If you know PHP, but would like to learn Drupal either, then you’re our perfect candidate.
Currently we have an actively maintained FAS auth module [4] for Drupal 6, what we would like to update to Drupal 7. Also we could provide an documentation [5] for this, what is available on drupal.org. We use the Feature module, what makes easy the development flow. More about this – check at [6] here.

3. Testers, Use case testers

It’s important, that we must test it out every piece of code, an we do it as we could. Sadly, sometimes some bugs are appearing when it’s unwanted, or it’s stays hidden, or we haven’t met. Therefore we appreciate anybody who could help to discover and report bugs. Tester can be anybody from the community, no need any special knowledge. We need also people who help to test out the mentioned FAS auth and Drupal 7 Mediawiki modules, the calendar module, and the site itself. All this can be done on our testing site [7]. But here pre-registration is required, because the FAS module has been temporarily disabled.

To be able help our work, please send an mail to our mailing list [8], with an short introduction that includes FAS, and the job that would like to help us. After this you’ll receive the necessary access rights, if the work needs that. (eg. like you would like to make an theme).

Also, you as a future important contributor of the project, we awaiting you – and everyone else online at Fudcon Blacksburg 2012, where we’ll put great emphasis to the calendar module [9], and we ask you to share any kind of idea, critics around it, or just contact with us through the IRC – at fedora-mktg channel. We gladly help your first steps.

[1] https://fedoraproject.org/wiki/Insight
[2] http://drupal.org/update/themes/6/7
[3] https://fedoraproject.org/wiki/How_to_work_on_the_Insight_theme
[4] http://git.fedorahosted.org/git/?p=drupal6-authfas.git;a=summary
[5] http://drupal.org/update/modules/6/7
[6] https://fedoraproject.org/wiki/Insight_development_using_Features_module
[7] https://insight02.dev.fedoraproject.org
[8] https://lists.fedoraproject.org/mailman/listinfo/logistics
[9] https://fedoraproject.org/wiki/Insight_use_cases_for_calendar

After I’m helping to search new applications for our Security spin, I couldn’t resist to learn always something new. Around, about security. Something like what is an rainbow table, password hashes, or how can you test your user database – make an security audit. How things are working, and so on. As I getting more and more deeper into the theme, I feel that I should learn new ways to keep secure my freedom, and independency and prevent loss of  my personal data. If we are put out more our (private) life / files /data to on-line who will ensure that won’t be used or reused from storages, from clouds by an 3rd party? Trust or not trust? Good question, right? But, at least our data /partition encryption or our passwords must be enough to keep our data in safer place. Or both together. Time just passed, and we are not anymore back in the ’80es, we all almost have one or more multi-core electronic device, that’s already chained into an network – and guess what: with it’s own operating system, that capable to do the same as our desktop machine. Not to mention, that if one machine is not enough, and the attacker is connected…. no password can stand in it’s way for long. That’s why it’s recommended to turn on encryption at many place… But how can we have a nice complex password that slows down the attacker?

In a hypothetically perfect world, we’d be able to remember infinite numbers of passwords, but the truth is for the most people: not possible. Instead of it this can be followed, I think:

• Do not use passwords that are easy to guess, e.g anything directly related to you, like your name or names of family/friends/pets/etc; or date of birth; or favourite colour,band,etc..
• Ideally, use a longish random string as your password, of at least 10 characters (but longer is better).
• The same applies for password-recovery questions, which often ask for information that is in the public domain (e.g. mother’s maiden name, date of birth). Do not provide real answers! Instead just make something up, or use another random string if possible.
• Do not re-use passwords across different websites, unless you truly do not care about what is on those sites, and what they can do in your name with that password.
• Do not be afraid to write them down if you can store them securely. E.g. if your home is reasonably secure, it’s fine to store most passwords on paper there. IF it’s just a limited amount you need to store.
• If you trust that a computer or device is sufficiently secure, it’s perfectly fine to store passwords on it, e.g. in a text-file. Also, many programmes support saving passwords and if you trust those programmes then it’s perfectly OK to use those features.
• Consider using disk-encryption products like PGPDisk, TrueCrypt, LUKS or the other built-in capabilities of many Linux/Unix distributions (some of which offer this at install time) to protect your data with a master key. This is particularly recommended for laptops.
• Any computer running MS Windows likely can not be considered secure and should not trusted with more sensitive information. Portable devices should not be considered secure, unless their contents are known to be encrypted, and they automatically lock themselves after a small period of unuse (i.e. don’t trust your phone too much for storing sensitive data).

Yes – Ideally, all your day-to-day passwords for your various, online accounts should be unguessable, random strings;  you’d never have to remember any of them; you would just, at certain times, have to enter a master pass-phrase (which should be unguessable, but still memorable and much longer than a password) without which the passwords would effectively not be accessible. But here also can be trouble – if you go to the trouble of memorizing a highly-secure, random password, you’re going to *want* to recycle it. And so many web sites now ask you to create a user account and a password, it’s practically impossible to create strong passwords for the multitude of needs, so you can either create simple, easy-to-remember passwords that are easy to crack, or recycle.

It also doesn’t help that various sites are in conflict with each other as to what they allow. e.g., some sites require a letter, number, special character, and capital letter, while other sites *can’t accept* special characters, and others require you to start with a letter only, while others let you start with a number, while others require a minimum of X characters, while there is some that actually have a *maximum* number of characters! This is the sort of thing that leads to passwords like “qwerty”,” 1212″ and “xyzzy” and such…..

Even when I think to Fedora – when I install the system, and drops the message at password page -”This password is exists in database. Use it anyway?” – makes me thinking. Who has composed this database, and what is the source of this? Moreover,  if char based security so weak (has so many flaws), do we have stronger, better solution? Is there any visual security feature or other methods for anaconda? We writing 2012 – what can be the optimum solution?

We would like to promote us at Hungary – to have an Fudcon at Budapest.

Our team true old wish to conquer new white spaces, and paint it again to blue. I know that the Hungarian team is still growing, but all three ambassadors are working hardly to grow this area, and around our country.

We have awesome circumstances, and an beautiful city that worthy to visit and hack at Fudcon. We are under preparation, and we awaiting here the hungarian drupal community, guys from Brno – and many-many others. Please vote for Budapest and ask for it!

https://fedoraproject.org/wiki/FUDCon:EMEA_2012_Bid_Budapest

I have an good news to everybody – if somebody wants to visit Hungary – from now on should not stay at BUD if he/she wants to visit other regions inside Hungary. As it seems Malev, the main HU airline company has kept their promise, and everybody could directly book an filght and direct transfer to/from other cities (5 different regions of Hungary):

• DEB (Debrecen),
• QGY (it’s my city, Györ – whohooo!),
• MCQ (Miskolc),
• QPJ (Pécs),
• QZD (Szeged)

Also includes to the service that if you miss the plain, then they ensuring that you get an room in one of the Marriot hotels. So, how it’s works? Well, after you had booked the flight, they directly transferring between the target city and back to BUD airport too. No need to train, rent a car or anything – and the transfer is included to your air ticket (even for groups). Neat, right? Oh, one more thing: The same rules are accepted for the transfer as on the plain: you get food, drinks – and so on. Ah, yeah, and after take off you could move freely inside the cabin

I think if this will go smoothly, then is no more blocks to to bring/bind together Fedorians at Hungary.

Cheers,

Zoltan

Hi Fedorians,

After I have an special appetite for interesting stuff – well, this is an interesting work about how can you demonstrate for eg. sort operations. Thanks for the Maros dance group, and the cooperations of the transsylvanian Hungarian Sapienta University of Science.

Shell-sort: http://www.youtube.com/watch?v=CmPA7zE8mx0
Merge sort: http://www.youtube.com/watch?v=XaqR3G_NVoo
Insert sort: http://www.youtube.com/watch?v=ROalU379l3U
Select sort: http://www.youtube.com/watch?v=Ns4TPTC8whw

Have fun

PS: Don’t say that our admins are don’t working Go on, hack and dance!

Greetings Fedora Users and Developers,

We are working heavily to bring something awesome for us forward that what we call Fedora Insight[1]. Fedora Insight in long term is not just an RSS feed as it’s right now, else we plan an events module, a calendar[2] module for scheduling and better coordination, microblogging, FWN and many-many more – an integrated system that improves our community.

But, Fedora Insight is nothing more yet, just an series of drupal modules, and a series of ideas[2][3] that will aid us in long term within Fedora, and will improve our community life as we do improvements. We have high hopes before this devel site, so – that’s why we start here, where you could see improvements, articles about how we work, live with the content, and as we do flaws. Of course, if you are interested you could easily join to the Fedora Insight team, and play around with our newest toys. Just check it on the right of the page, drupal lists for you already few of them. We gladly accept anybody who wants to even just make a test run or write a review to us, or curse out that something not really works so as it’s expected . You know, we die for hear your voice, because we do it for YOU.

Rock’n'roll guys and girls!

[1] https://fedoraproject.org/wiki/Insight
[2] https://fedoraproject.org/wiki/Insight_use_cases_for_calendar
[3] https://fedoraproject.org/wiki/Insight_use_cases_for_status_and_microblogging

“…or the world how small can be.” – as I could add this as sub-title for this blogpost. I know that I have not much time to blog – but after this Fedora Round Table BUD – was an truly awesome event – something has happen with me and I would like to share the story:

After my train hasn’t arrived in time, I had to buy an another ticket to Railjet that heads to my home city, Győr. But it seems, that was my fortune – because when I have stepped on the train, never expected that I’ll meet someone who want keep in touch and work with me. Here is how begun:
The man and his wife, came from Vienna to Hungary to visit some of their (business) friends (as I heard this from their english conversation) – and his wife asked in English help to type an reply sms in Hungarian back to their HU friends. It was really hard, because I never liked Blackberry, with my huge thick fingers always hated to type anything on shrinked tiny keyboard – and I have told this concern to the women.

“Oh, really? You don’t like Blackberry phones, then witch is your favourite? Mine is my iPhone, and my new iPad”…. Umm, well, my open source heart and soul has felt the pain, and I replied so:

“Indeed, the iPhone, and the iPad are nice devices – but I much more like sharing, open source hardwares, and softwares”. I think this was the point, where the man begun to pay attention to our talk – and joined to the conversation and asked me:

Man: “Really? Then what’s that I am using on my laptop?”
Me: “Well, of course an Linux operating system, called Fedora.”
Man: “Oh, I see – that’s why this text written on your blueish t-shirt: Fedora Ambassador, but what’s that Ambassador on it?”
Me: “We are the heart of our community, and keeping the contacts with contributors, with newbies, company CEO’s, and so on… we also fight for freedom.”
Man: “Really? That’s nice… Then I’m sure you have met with bunch of people already. Do you know the name Miguel de Icaza?”
Me: “Sure. The early Ximian and later Mono developer. Why are you asking?”
Man: “Because of he is my cousin. I’m just live here at Vienna, and lead my business. Let me introduce myself (handed over his hand to shake): my name is Ronan Le Bras from CTBTO, head of the International Datacenter Division from the International Centre Vienna.”
Me: “Unbelievable! That’s a surprise, nice to meet you!”
Man: “Do you have an business card?”
Me: “Of course.” – and we have exchanged the business cards….

After this we have begun to talk more deeply, passionately about linux, free softwares, and Red Hat as origin of Fedora, and he told me that he is also using in his business RH and Fedora sometimes either as client (but mostly as servers). I suggested to keep in contact, and if it’s possible – look for me if he want to meet with us, or need some help. Just in case I have given few freshly received F15 media too I have told about my job at Nokia, and he suggested that if I ever need help for arrange an meeting, just search him, and he will see what could I help for me (for us).

About an half an hour has passed quickly, but sadly I had to finish this conversation here, because the train has arrived to my home city. But we promised that we’ll keep the contact -
and I said farewell to them…

That was happened…. So, I think you could never know who sits down nearby to you, as on the internet – you never know who is on the opposite site of the line or inside the network…. I hold here his business card, and I hope that we will meet again. So it wasn’t a dream, and we have an another friend for Fedora. I think maybe we once again create such a great slogan, we should place FRIENDS to the first place. Without that we couldn’t create Freedom, Features, and every time – as First….