Category: Server

Interesting Alternatives to Some of the Classic Linux Commands

Legacy commands were created several decades ago and while they do their intended jobs, their functionalities could be improved and the structure could be simplified.

This is why there exist ‘alternative’ tools that enhance the legacy UNIX/Linux commands. In this article, I am going to list some new CLI tools that you could use in place of the good old classic Linux commands.

HTTPie: Alternative to wget and curl

When it comes to downloading files in terminal, wget and curl are the two of the most common tools. Interestingly, not all distributions have curl, wget installed by default.

HTTPie does the same job but in a more human-friendly way. You have colorized, the formatted output which makes it easier to understand and debug.

Bat: Alternative to cat

The cat command is perhaps one of the first commands you learn. It does the job for viewing the contents of small text files.

But bat command takes it to the next level by adding features like syntax highlighting and Git integration. The pagination option is also available.

ncdu: Alternative to du command

The du command in Linux is used for checking the size of a directory. It’s not very straightforward command and it certainly doesn’t give a very good default output.

Compared to that, ncdu is a lot better than providing the relevant information at the first glance.

There are other features here such as showing the disk usage in graphs, sort the display and even delete directories interactively.It is based on ncurses and hence the ‘nc’ is added to ‘du’. A similar CLI tool is gdu which is a du replacement written in Go which gives it a performance boost.

fd: Alternative to the find command

The find command is one of the most powerful and most used Linux commands. It’s impossible to imagine that a sysadmin could survive without using the find command.

But the find command has a strange structure and it could be slow if you do a large set of find operations. A better and faster alternative is fd command. Written in Rust, fd is simpler and faster than its legacy competitor.

exa: Alternative to ls command

The exa CLI tool adds a few features while listing directory contents. It has better defaults and uses colors to distinguish file types and metadata. exa can also display a file’s extended attributes, as well as standard filesystem information such as the inode, the number of blocks, and a file’s various dates and times.

You can use the tree view to see directory structure. It also has built-in Git support to see what files have changed, committed and staged etc.

Duf: Alternative to the df command

The df command in Linux is used for checking disk space. While it works most of the time, an easier and better alternative is duf, a tool written in Go.

It gives you an overview of all the devices mounted which is easy to understand. You also have the ability to specify a directory/file name and check free space for that mount point.

With duf, you can sort the output, list indoe information and even save the output in JSON format.

 

Google and Microsoft Cloud Solutions Compared

Microsoft 365

Many PC users will already be familiar with many applications from the Microsoft 365 suite. Word, Excel, and PowerPoint are some of the most well-known programs in the world and are part of the standard equipment in many offices. Microsoft 365 enables software solutions to be used in the cloud. This simplifies working on the go and transforms traditional office applications into modern collaboration tools.

Advantages Disadvantages
✓   Popular Office applications X   Complex licensing system
✓   Cloud and desktop solutions X  
✓   Extensive opportunities for collaboration X  
✓   Cloud storage included X  

Google Workspace

Google has been offering more than just its search engine for a while now. Office solutions were also part of its product portfolio relatively early on. Back then, Google was actually one of the first to offer spreadsheets, word processing, and the ability to create presentations via a web application in the browser. By integrating Gmail and Google Drive, the individual programs in the meantime, it has grown into a comprehensive suite that is completely in the cloud.

Advantages Disadvantages
✓   Device-independent operation X   No desktop version
✓   Professional email domain included in Gmail X  
✓   Extensive opportunities for collaboration X  
✓   Cloud storage included X  

Google and Microsoft cloud solutions compared

With the productivity software Google Workspace, Google is targeting the business segment – a declaration of war to market leader Microsoft and their competitor product Microsoft 365.

App feature Microsoft 365 Google Workspace
Word processing Microsoft Word Google Docs
Spreadsheet calculation Microsoft Excel Google Sheets
Presentations Microsoft PowerPoint Google Slides
Email Microsoft Outlook Gmail
Digital notepad Microsoft One Note Google Keep
Web hosting Microsoft Sharepoint Google Sites
Video conferencing Skype for Business Google Meet
Instant messaging service, group chats Microsoft Teams, Skype for Business Google Chat
Chat-based workspace Microsoft Teams Google Chat
Social Media for companies Yammer Google Currents
Office applications as web apps Yes Yes
Offline operation possible Yes Yes
Cloud storage & file sharing Microsoft 365 Google Workspace
Storage capacity per user license 1 TB Depending on the plan 30 GB, 1 TB, 5 TB or unlimited
Synchronization Yes Yes
Versioning Yes  
File sharing via link including expiration date Yes Yes
Search function Yes NLP supported
Collaboration Microsoft 365 Google Workspace
Business suitable appointment and contact management Yes Yes
Joint editing of texts, tables, and presentations Yes Yes
Video calling Yes Yes
Instant messaging Yes Yes
Group chats Yes Yes
Video conferencing Yes Yes
Internal company websites/Intranet Yes Yes
Social Media for companies Yes Yes
Email Microsoft 365 Google Workspace
Ad free Yes Yes
Includes your own email domain No Yes
Mobile app Yes Yes
Desktop mail client included Depends on plan No
Email aliases Yes Yes
Groups/Email distributors Yes Yes
Security & data security Microsoft 365 Google Workspace
Data encryption Yes Yes
ISO /IEC 27001 (Information security) Yes Yes
ISO /IEC 27017 (cloud security) Yes Yes
ISO 27018 (cloud privacy) Yes Yes
SOC 1 Yes No
SOC 2 Yes Yes
SOC 3 Yes Yes
FedRAMP Yes Yes
PCI DSS (security standard for credit card transactions) Yes Yes
HIPAA BAA Yes Not all applications
Support & availability Microsoft 365 Google Workspace
High availability 99.9 % 99.9 %
24/7 support Yes Yes
Telephone Yes Yes
Chat/Email Yes Yes

Vulnerability in the kernel allows privilege escalation through directory manipulation

Recently Qualys security researchers (a cloud security, compliance and related services company) released details of a vulnerability what they detected and what they affect the Linux kernel.

CVE-2021-33909 affects the kernel and allows a local user to achieve code execution and escalate privileges by manipulating highly nested directories.

The vulnerability is due to the lack of validation of the result of converting size_t to type int before performing operations on the seq_file code, which creates files from a sequence of records. Lack of validation can result in writes to an area outside the buffer limits when creating, mounting, and dropping a directory structure with a very high level of nesting (path size greater than 1GB).

Any non-privileged user can gain root privileges on a vulnerable host by exploiting this vulnerability in a default configuration.

As a result, an attacker can get a 10-byte string “// deleted” with an offset of “- 2 GB – 10 bytes”, pointing to the area immediately before the allocated buffer.

The threat of vulnerability is compounded by the fact that researchers were able to prepare functional exploits on Ubuntu 20.04, Debian 11 and Fedora 34 in the default settings. It is noted that other distributions have not been tested, but theoretically, they are also susceptible to the problem and can be attacked.

Successful exploitation of this vulnerability allows any unprivileged user to gain root privileges on the vulnerable host. Qualys security researchers have been able to independently verify the vulnerability, develop an exploit, and gain full root privileges on default installations of Ubuntu 20.04, Ubuntu 20.10, Ubuntu 21.04, Debian 11, and Fedora 34 Workstation. Other Linux distributions are likely to be vulnerable and probably exploitable.

The work of the exploit boils down to creating a hierarchy of roughly a million directories nested via mkdir () call to achieve a file path size greater than 1GB.

This directory is bind-mount mounted in a separate user namespace, after which the rmdir () function is run to remove it. In parallel, a thread is created that loads a small eBPF program, which hangs at the stage after verifying the eBPF pseudocode, but before its JIT compilation.

In the unprivileged user ID namespace, the / proc / self / mountinfo file opens and reads the long directory path mounted with bind-mount, resulting in the line “// deleted” being written in the region before the start of the buffer. The position for writing the line is chosen in such a way that it overwrites the instruction in the already tested but not yet compiled eBPF program.

Furthermore, at the eBPF program level, uncontrolled writing out of the buffer is transformed into a read / write capability controlled in other kernel structures by manipulating the btf and map_push_elem structures.

The exploit then places the modprobe_path [] buffer in kernel memory and overwrites the path “/ sbin / modprobe” in it, allowing any executable file to be launched as root if a request_module () call is made, which is executed for example when creating a netlink socket ..

Researchers have provided several solutions that are effective only for a specific exploit, but they do not fix the problem itself.

As such it is recommended to set the parameter “/ proc / sys / kernel / unprivileged_userns_clone” to 0 to disable mounting of directories in a separate userid namespace and “/ proc sys / kernel / unprivileged_bpf_disabled” to 1 to disable the loading of eBPF programs into the kernel.

In addition to the fact that all users of a Linux distribution are also recommended to update their system to have the corresponding patch. The problem has been evident since July 2014 and it affects kernel versions since 3.16. The vulnerability patch was coordinated with the community and accepted in the kernel on July 19.

Finally, if you are interested in knowing more about it, you can consult the details in the following link.

Do you needs a dedicated server for hosting your website or application?

Your web site gets thousands of visitors regularly, at that point you ought to think about a dedicated server or you need exclusivity or Security or Company Policy you must certainly go for the dedicated server.

We should audit four reasons you ought to think about deciding for a dedicated server.

  • Your site is developing and should have the option to deal with an expansion in rush hour ?

In the event that you foresee that your site will develop rapidly, it may be a smart thought to select a devoted dedicated server now. For instance, if your site is as yet utilizing shared hosting when your traffic spikes, its presentation could drop altogether. This can be a tricky slant of higher skip rates and loss of income. It’s imperative to give yourself an opportunity to relocate your site and ‘settle’ its exhibition before any potential issues emerge.

As per FXBlog, your webpage ought to be set up to deal with spikes of up to multiple times your typical day by day traffic, to represent advancements and unique occasions. In case you’re not readied, your site could crash or in any case lead to a negative client experience (UX).

  • Security is a top priority for your site

Security is significant for each site, however particularly for those taking care of delicate data. This could incorporate secret messages, credit card numbers, or delicate client data. It’s essential to shield this data and your site from infections, hacks, and different dangers.

With a committed dedicated server, you’re totally accountable for your site’s security. This implies you can improve the highlights you requirement for the particular prerequisites of your site and put away records. Obviously, you’re likewise liable for how these highlights are executed, yet this is one of the advantages of adaptability.

Notwithstanding, a few hosts offer completely oversaw and semi-oversaw support plans. More or less, you can frequently determine what both you and your host will be answerable for, which implies you can confide with a specialist with strategic usefulness while taking care of every single other concern straightforwardly.

  • You’d like your page loading times to be ideal

Your page loading times can significantly affect for all intents and purposes for all parts of your site. Slow pages can prompt low commitment measurements and high ricochet rates. A devoted server can assist you with optimizing this part of your site however much as could be expected.

On a shared hosting server, you won’t have any knowledge of when the server’s assets are being utilized somewhere else, which could make your site run gradually. Choosing a devoted server will promise you to have the transfer speed you have to improve your page stacking times.

  • Having control over your server is critical to you

The last explanation you might need to pick a devoted exclusive dedicated server over different alternatives is a straightforward one: control. We’ve suggested this in past areas, however, committed planning gives you complete obligation over how you decide to utilize your server.

For instance, you’re even allowed to pick the server programming you like. In the event that you favor the asset control of NGINX over Apache, you have the ability to do as such. In addition, you can modify server configuration software details and introduce your own working framework. Along these lines, committed facilitating might be an alluring alternative for cutting edge web designers and those with exceptional and explicit necessities. Choose The Best Plan from Systron – Leaders in Dedicated Server hosting For over two decades.