Serious Discussion: My favorite Linux apps

ForgottenSeer 103564

While my above post shows my favorite standard production tools, my absolute favorite Linux tools are Suricata IDS/IPS and nmap, which I like to run on ChromeOS in a container in a VM on Kali Linux, which houses all my other favorite tools. Nmap's NSE "scripting engine" is excellent for scanning entire networks for malware and CVEs. Suricata protects my device from external attacks as an intrusion detection/prevention system, all behind the hardened ChromeOS firewall.

[screenshot attachment: favorite tools.png]

IoSonoPiero

Level 1
Verified
Jan 15, 2019
45
While my above post shows my favorite standard production tools, my absolute favorite Linux tools are Suricata IDS/IPS and nmap, which I like to run on ChromeOS in a container in a VM on Kali Linux, which houses all my other favorite tools. Nmap's NSE "scripting engine" is excellent for scanning entire networks for malware and CVEs. Suricata protects my device from external attacks as an intrusion detection/prevention system, all behind the hardened ChromeOS firewall.

I'll give it a try! Thanks!
ForgottenSeer 103564

Suricata, sorry.
No worries, just want to mention before doing so to make sure you have a backup solution on hand; Timeshift is a great one. Suricata is a non-GUI terminal application that requires some editing via your favorite text editor and possibly further tinkering for adjustment, and while just learning the application you will want to have your stuff covered. There are plenty of tutorials on it; make sure to choose the ones fitted for your distro and version. In my screenshot above I'm still sitting in system mode, but place it in IPS mode afterwards, which requires placing rules in etc files via a text editor.
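Since hand-editing rule files is where most Suricata setups go wrong (a duplicate or missing sid makes Suricata refuse the file, and in IPS mode an "alert" rule only logs while only "drop"/"reject" rules actually block), here is a small added example, written for this page and not part of the thread or of Suricata itself, that parses a constructed local.rules sample, reports those mistakes, and summarizes rule actions. The rule contents, sids and messages are constructed for the demo; the header and option syntax follows Suricata's rule format.

```python
import re
from collections import Counter

# Constructed sample of a Suricata local.rules file (not from the thread):
# two sane rules, one duplicate sid, and one rule missing its sid entirely.
LOCAL_RULES = """\
# local.rules -- constructed sample
alert tcp $EXTERNAL_NET any -> $HOME_NET 22 (msg:"LOCAL inbound SSH SYN"; flags:S; classtype:attempted-recon; sid:1000001; rev:1;)
drop tcp $EXTERNAL_NET any -> $HOME_NET 23 (msg:"LOCAL block inbound telnet"; flags:S; classtype:attempted-admin; sid:1000002; rev:1;)
alert tcp $EXTERNAL_NET any -> $HOME_NET 22 (msg:"LOCAL duplicate sid"; flags:S; sid:1000001; rev:1;)
alert icmp any any -> $HOME_NET any (msg:"LOCAL missing sid";)
"""

# Rule header: action protocol src sport direction dst dport (options)
RULE_RE = re.compile(
    r"^(?P<action>alert|drop|reject|pass)\s+(?P<proto>\S+)\s+"
    r"(?P<src>\S+)\s+(?P<sport>\S+)\s+(?P<direction>->|<>)\s+"
    r"(?P<dst>\S+)\s+(?P<dport>\S+)\s+\((?P<options>.*)\)\s*$"
)
# One option: name, optional ":value" (quoted values may contain ';'), terminated by ';'
OPT_RE = re.compile(r'\s*(?P<name>[\w.-]+)(?::\s*(?P<value>"(?:[^"\\]|\\.)*"|[^;]*))?;')


def parse_options(text):
    """Turn 'msg:"x"; sid:1; rev:1;' into {'msg': 'x', 'sid': '1', 'rev': '1'}."""
    opts = {}
    for m in OPT_RE.finditer(text):
        value = m.group("value")
        if value is not None and value.startswith('"'):
            value = value[1:-1]
        opts[m.group("name")] = value
    return opts


def parse_rules(text):
    """Return one dict per non-comment line; unparseable lines carry an 'error' key."""
    rules = []
    for lineno, raw in enumerate(text.splitlines(), 1):
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        m = RULE_RE.match(line)
        if not m:
            rules.append({"line": lineno, "error": "unparseable rule", "raw": line})
            continue
        rule = m.groupdict()
        rule["line"] = lineno
        rule["options"] = parse_options(rule.pop("options"))
        rules.append(rule)
    return rules


def lint_rules(rules):
    """Findings that a text-editor edit commonly introduces: missing/duplicate sid, missing msg."""
    findings = []
    seen = {}
    for r in rules:
        if "error" in r:
            findings.append(f"line {r['line']}: {r['error']}")
            continue
        opts = r["options"]
        sid = opts.get("sid")
        if sid is None:
            findings.append(f"line {r['line']}: missing sid")
        elif sid in seen:
            findings.append(f"line {r['line']}: duplicate sid {sid} (first seen on line {seen[sid]})")
        else:
            seen[sid] = r["line"]
        if "msg" not in opts:
            findings.append(f"line {r['line']}: missing msg")
    return findings


def action_summary(rules):
    """Count actions: in IPS mode only drop/reject rules block traffic, alert rules just log."""
    return Counter(r["action"] for r in rules if "error" not in r)


if __name__ == "__main__":
    parsed = parse_rules(LOCAL_RULES)
    for finding in lint_rules(parsed):
        print(finding)
    print(dict(action_summary(parsed)))
```

Run it on your own local.rules before restarting Suricata; the action summary is a quick sanity check that the rules you expect to block in IPS mode are actually drop rules and not just alerts.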

IoSonoPiero

Level 1
Verified
Jan 15, 2019
45
Thanks!

BTW:
I don't use Timeshift for choice.
I use Btrfs Assistant for snapshots and Vorta to back up my home.
With Timeshift, you need to "mess" with Btrfs during partitioning.
Using Btrfs (with the scrub and balancing functionalities, too), you have much more granularity on the system's configuration.

However, for Suricata, I've seen they have deb and rpm, so I'll try it on a VM.
ForgottenSeer 103564

Thanks!

BTW:
I don't use Timeshift for choice.
I use Btrfs Assistant for snapshots and Vorta to back up my home.
With Timeshift, you need to "mess" with Btrfs during partitioning.
Using Btrfs (with the scrub and balancing functionalities, too), you have much more granularity on the system's configuration.

However, for Suricata, I've seen they have deb and rpm, so I'll try it on a VM.
Good to know, thank you for sharing, as I do all mine in containers or virtual machines. The main package of Suricata can be installed that way, but will still require adjustment via a text editor.

klepto

Level 2
Thread author
Jun 14, 2020
77
Testing an interesting offline backup solution for long-term storage called bup. It has some glorious features, such as:

  • It uses a rolling checksum algorithm (similar to rsync) to split large files into chunks. The most useful result of this is you can backup huge virtual machine (VM) disk images, databases, and XML files incrementally, even though they're typically all in one huge file, and not use tons of disk space for multiple versions.
  • It uses the packfile format from git (the open source version control system), so you can access the stored data even if you don't like bup's user interface.
  • Unlike git, it writes packfiles directly (instead of having a separate garbage collection / repacking stage) so it's fast even with gratuitously huge amounts of data. bup's improved index formats also allow you to track far more filenames than git (millions) and keep track of far more objects (hundreds or thousands of gigabytes).
  • Bup can use "par2" redundancy to recover corrupted backups even if your disk has undetected bad sectors.
  • Even when a backup is incremental, you don't have to worry about restoring the full backup, then each of the incrementals in turn; an incremental backup acts as if it's a full backup, it just takes less disk space.
  • You can mount your bup repository as a FUSE filesystem and access the content that way, and even export it over Samba.
Bup has an fsck feature with par2 built in, and par2 has recovered a ton of stuff for me in the past that I thought was not retrievable. 🏴‍☠️🏴‍☠️🏴‍☠️
I already use Vorta (Borg) and restic along with a NAS box, but this will be able to be put anywhere and easily accessed. It also has GUI options for those who don't like working in the terminal like I do.
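The first bullet above (rolling checksum splitting, so a small edit inside a huge VM image only costs a few new chunks) is easier to see in a toy implementation. The following is an added example written for this page, not bup's own code: bup's real splitter and git packfile storage differ in parameters and format, while this demo uses a 16-byte polynomial rolling hash, roughly 64-byte chunks, a plain dict as the content-addressed store, and an 8 KiB pseudo-random "disk image" constructed inline.

```python
import hashlib
import random

WINDOW = 16            # bytes in the rolling window
BASE = 257
MOD = (1 << 31) - 1    # Mersenne prime: cheap modular arithmetic, decent mixing
AVG_BITS = 6           # boundary when the low 6 hash bits are all set: ~64-byte chunks (toy size)
MASK = (1 << AVG_BITS) - 1
MAX_CHUNK = 4 << AVG_BITS


def split_chunks(data):
    """Content-defined chunking: a boundary depends only on the last WINDOW bytes,
    so chunks after an insertion line up again with the unmodified file."""
    chunks = []
    start = 0
    h = 0
    out_weight = pow(BASE, WINDOW - 1, MOD)   # weight of the byte leaving the window
    for i, b in enumerate(data):
        if i >= WINDOW:
            h = (h - data[i - WINDOW] * out_weight) % MOD
        h = (h * BASE + b) % MOD
        size = i + 1 - start
        if (i >= WINDOW and (h & MASK) == MASK) or size >= MAX_CHUNK:
            chunks.append(data[start:i + 1])
            start = i + 1
    if start < len(data):
        chunks.append(data[start:])
    return chunks


def chunk_ids(data):
    """Content address of every chunk (git-style: the hash names the object)."""
    return [hashlib.sha1(c).hexdigest() for c in split_chunks(data)]


def shared_chunks(old, new):
    """(number of old chunks that also appear in new, number of old chunks)."""
    new_ids = set(chunk_ids(new))
    old_ids = chunk_ids(old)
    return sum(1 for cid in old_ids if cid in new_ids), len(old_ids)


def store_versions(versions):
    """Simulate a content-addressed store: (bytes actually stored, bytes if stored naively).
    Every version is a complete list of chunk ids, so a restore never replays incrementals."""
    store = {}
    for v in versions:
        for c in split_chunks(v):
            store.setdefault(hashlib.sha1(c).hexdigest(), c)
    return sum(len(c) for c in store.values()), sum(len(v) for v in versions)


# Constructed sample "disk image": 8 KiB of pseudo-random bytes, then a small insertion
# in the middle (the kind of edit that shifts every byte after it).
rng = random.Random(1234)
ORIGINAL = bytes(rng.getrandbits(8) for _ in range(8192))
MODIFIED = ORIGINAL[:4000] + b"INSERTED-BYTES" + ORIGINAL[4000:]

if __name__ == "__main__":
    shared, total = shared_chunks(ORIGINAL, MODIFIED)
    stored, naive = store_versions([ORIGINAL, MODIFIED])
    print(f"{shared}/{total} chunks of the original reused; stored {stored} bytes instead of {naive}")
```

Because a boundary is decided by hash bits of a sliding window rather than by a fixed offset, the insertion only disturbs the chunk it lands in (plus whatever lies within one window of it); with fixed-size blocks every block after offset 4000 would change.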